legionellacontrol.org.uk XSS vulnerability

2017-06-01T16:03:00
ID OBB:243670
Type openbugbounty
Reporter dragan_security
Modified 2017-06-30T06:28:00

Description

Vulnerable URL:
https://www.legionellacontrol.org.uk/search.php?q=dantek%22%27--!%3E%3CScript%20/K/%3Econfirm(/OPENBUGBOUNTY/)%3C/Script%20/K/%3E&submit;=Search#
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2624168
VIP website status:| No
Check legionellacontrol.org.uk SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 1 June, 2017 16:03 GMT
Generic security notifications sent to website owner| 1 June, 2017 16:05 GMT
Vulnerability details disclosed by researcher| 29 June, 2017 16:15 GMT
Vulnerability patched by the website owner| 30 June, 2017 06:28 GMT