riachuelo.com.br XSS vulnerability

2017-02-04T22:40:00
ID OBB:211499
Type openbugbounty
Reporter JulioCesar
Modified 2017-07-28T14:56:00

Description

Vulnerable URL:
http://www.riachuelo.com.br/buscar?s=">

##### Details:

Description| Value  
---|---  
Patched:| Yes, at 28.07.2017  
Latest check for patch:| 28.07.2017 14:56 GMT  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 51831  
VIP website status:| No  
Check riachuelo.com.br SSL connection:| (Grade: F)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 4 February, 2017 22:40 GMT  
Generic security notifications sent to website owner| 4 February, 2017 22:42 GMT  
Customized security notification sent to website owner| 4 February, 2017 22:42 GMT  
Vulnerability details disclosed by researcher| 1 April, 2017 23:14 GMT  
Vulnerability patched by the website owner| 28 July, 2017 14:56 GMT