Vulnerable URL:
https://topup.orange.com/?s=%3Cscript%3Ealert%28%27OPENBUGBOUNTY%27%29%3C%2Fscript%3E
Details:
Description |
Value |
Patched: |
Yes, at |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
Unknown / Not calculated |
VIP website status: |
No |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
10 January, 2017 20:55 GMT |
Generic security notifications sent to website owner |
10 January, 2017 20:57 GMT |
Notification sent to subscribers (without technical details) |
10 January, 2017 22:17 GMT |
Vulnerability details disclosed by researcher |
17 January, 2017 21:15 GMT |
Vulnerability patched by the website owner |
16 February, 2017 14:38 GMT |