cormoran.de XSS vulnerability

2017-06-13T06:00:00
ID OBB:247454
Type openbugbounty
Reporter secuninja
Modified 2017-07-11T06:14:00

Description

Vulnerable URL:
http://www.cormoran.de/start.php?file=products/search.htm&navid;=65&ovs;_site=co&ovs;_lang=de&ovs;_prdrows=5&ovs;_prdsort=1&ovs;_prdrows2=10&ovs;_prod=1
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 29.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1435486
VIP website status:| No
Check cormoran.de SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 13 June, 2017 06:00 GMT
Generic security notifications sent to website owner| 13 June, 2017 06:03 GMT
Customized security notification sent to website owner| 13 June, 2017 06:03 GMT
Vulnerability details disclosed by researcher| 11 July, 2017 06:14 GMT