jobs.hays.co.uk XSS vulnerability

2017-01-26T13:27:00
ID OBB:209442
Type openbugbounty
Reporter Random_Robbie
Modified 2017-02-24T07:14:00

Description

Vulnerable URL:
http://jobs.hays.co.uk/search?getfields=*&proxyreload;=0&filter;=0&entsp;=a__hays_policy&oe;=UTF-8&ie;=UTF-8&ud;=1&exclude;_apps=1&client;=sangam_jobs_frontend_en%27"--!>&ulang;=&requiredfields;=xlocale:en-GB&siteLocale;=en-GB&domainId;=1&btnG;=Search&site;=IRE_SANGAM_JOBS_COLL&client;=sangam_frontend_en&entsp;=hays_policy&proxystylesheet;=sangam_jobs_frontend_en&ip;=195.11.6.145&access;=p&sort;=date:D:L:d1&entqr;=3&entqrm;=0&wc;=0&wc;_mc=0&q;=itarchitectinmeta:xIndustry=Property&RealEstate;&dnavs;=inmeta:xIndustry=Property&RealEstate;'
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check jobs.hays.co.uk SSL connection:| (Grade: C+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 January, 2017 13:27 GMT
Vulnerability existence verified and confirmed| 27 January, 2017 06:56 GMT
Vulnerability details disclosed by researcher| 24 February, 2017 07:14 GMT