golfcaorle.it XSS vulnerability

2017-04-23T20:12:00
ID OBB:227306
Type openbugbounty
Reporter Random_Robbie
Modified 2017-06-05T05:14:00

Description

Vulnerable URL:
http://www.golfcaorle.it/index.php?area=68&menu=30&page=127&idnotizia=153"'--!>&lingua=1&np=&#KNOXSS
</pre>
<h5>Details:</h5>
<table>
<tr><td>Description</td><td>Value</td></tr>
<tr><td>Patched:</td><td>Yes, at</td></tr>
<tr><td>Vulnerability type:</td><td>XSS</td></tr>
<tr><td>Vulnerability status:</td><td>Publicly disclosed</td></tr>
<tr><td>Alexa Rank</td><td>15929493</td></tr>
<tr><td>VIP website status:</td><td>No</td></tr>
<tr><td>Check golfcaorle.it SSL connection:</td><td>(Grade: B-)</td></tr>
</table>
<h5>Coordinated Disclosure Timeline:</h5>
<table>
<tr><td>Description</td><td>Value</td></tr>
<tr><td>Vulnerability submitted via Open Bug Bounty</td><td>23 April, 2017 20:12 GMT</td></tr>
<tr><td>Vulnerability existence verified and confirmed</td><td>24 April, 2017 04:33 GMT</td></tr>
<tr><td>Notification sent to subscribers (without technical details)</td><td>24 April, 2017 06:17 GMT</td></tr>
<tr><td>Vulnerability details disclosed by researcher</td><td>5 June, 2017 05:14 GMT</td></tr>
</table>