cmb.fr XSS vulnerability

2017-05-03T07:40:00
ID OBB:230856
Type openbugbounty
Reporter DrStache
Modified 2018-01-03T03:45:00

Description

Vulnerable URL:
https://www.cmb.fr/domiweb/prive/particulier/premiereConnexionCVD/afficherFrameIdentification.jsp?codeSi=">&codeEFS;=">&codeEspace;=PA
Details:

Description| Value
---|---
Patched:| Yes, at 02.01.2018
Latest check for patch:| 02.01.2018 14:27 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 14075
VIP website status:| Yes
Check cmb.fr SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 3 May, 2017 07:40 GMT
Generic security notifications sent to website owner| 3 May, 2017 07:43 GMT
Vulnerability details disclosed by researcher| 26 July, 2017 08:17 GMT
Vulnerability patched by the website owner| 3 January, 2018 03:45 GMT