plasticker.de XSS vulnerability

2017-05-03T09:43:00
ID OBB:230907
Type openbugbounty
Reporter secuninja
Modified 2017-05-25T06:15:00

Description

Vulnerable URL:
http://plasticker.de/search_global.php?begriff=%3E%27%3E%22%3Es%3Ci%3Ei%3Cimg+src%3Dx+onerror%3Dprompt%28%2Fopenbugbounty%2F%29%3E&submit;=true
Details:

Description| Value
---|---
Patched:| Yes, at 24.05.2017
Latest check for patch:| 24.05.2017 07:16 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 204358
VIP website status:| No
Check plasticker.de SSL connection:| (Grade: B+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 3 May, 2017 09:43 GMT
Generic security notifications sent to website owner| 3 May, 2017 09:45 GMT
Vulnerability patched by the website owner| 24 May, 2017 22:38 GMT
Vulnerability details disclosed by researcher| 25 May, 2017 06:15 GMT