careerone.com.au IFRAME Injection vulnerability

2017-02-01T02:53:00
ID OBB:210394
Type openbugbounty
Reporter Xany
Modified 2017-02-16T15:16:00

Description

Vulnerable URL:
http://www.careerone.com.au/talentpools/accounting/search?search_company=&search;_keywords=">

# XANY
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| IFRAME Injection
Vulnerability status:| Publicly disclosed
Alexa Rank| 25386
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 1 February, 2017 02:53 GMT
Vulnerability existence verified and confirmed| 2 February, 2017 14:27 GMT
Generic security notifications sent to website owner| 2 February, 2017 14:27 GMT
Customized security notification sent to website owner| 2 February, 2017 14:27 GMT
Notification sent to subscribers (without technical details)| 2 February, 2017 18:17 GMT
Vulnerability details disclosed by researcher| 16 February, 2017 15:16 GMT