Lucene search
TvMOBB:206539HistoryJan 15, 2017 - 8:02 p.m.
rbcroyalbank.com XSS vulnerability
2017-01-1520:02:00
TvM
www.openbugbounty.org
7
Vulnerable URL:
https://www.rbcroyalbank.com/cgi-bin/account-selector/selector.cgi?student='-confirm('OPENBUGBOUNTY')-'
Details:
| Description | Value |
|---|---|
| Patched: | Yes, at |
| Vulnerability type: | XSS |
| Vulnerability status: | Publicly disclosed |
| Alexa Rank | 2345 |
| VIP website status: | Yes |
| Check rbcroyalbank.com SSL connection: | (Grade: A) |
Coordinated Disclosure Timeline:
| Description | Value |
|---|---|
| Vulnerability submitted via Open Bug Bounty | 15 January, 2017 20:02 GMT |
| Generic security notifications sent to website owner | 15 January, 2017 20:04 GMT |
| Notification sent to subscribers (without technical details) | 15 January, 2017 22:17 GMT |
| Vulnerability details disclosed by researcher | 9 April, 2017 20:13 GMT |
| Vulnerability patched by the website owner | 10 April, 2017 13:34 GMT |