teremok.org.ua XSS vulnerability

2017-03-13T14:36:00
ID OBB:218718
Type openbugbounty
Reporter qiece
Modified 2017-10-24T09:51:00

Description

Vulnerable URL:
http://teremok.org.ua/search/?add_cat=&add;_region=&text;=1%22--!%3E%3CSvg/Onload=confirm`OPENBUGBOUNTY`%3E%22
Details:

Description| Value
---|---
Patched:| Yes, at 24.10.2017
Latest check for patch:| 24.10.2017 09:51 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 549942
VIP website status:| No
Check teremok.org.ua SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 13 March, 2017 14:36 GMT
Vulnerability existence verified and confirmed| 15 March, 2017 05:46 GMT
Generic security notifications sent to website owner| 15 March, 2017 05:46 GMT
Customized security notification sent to website owner| 15 March, 2017 05:46 GMT
Vulnerability details disclosed by researcher| 27 March, 2017 14:00 GMT
Vulnerability patched by the website owner| 24 October, 2017 09:51 GMT