ydee.be XSS vulnerability

2017-06-15T10:17:00
ID OBB:248357
Type openbugbounty
Reporter Random_Robbie
Modified 2017-07-28T11:19:00

Description

Vulnerable URL:
https://ydee.be/en/gifts/?type_id=15&brand;_id=&color;_group_id=&price;_min=0%22%27%2D%2D%21>

##### Details:

Description| Value  
---|---  
Patched:| No  
Latest check for patch:| 28.07.2017  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 4138148  
VIP website status:| No  
Check ydee.be SSL connection:| (Grade: A+)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 15 June, 2017 10:17 GMT  
Vulnerability existence verified and confirmed| 16 June, 2017 10:50 GMT  
Generic security notifications sent to website owner| 16 June, 2017 10:50 GMT  
Vulnerability details disclosed by researcher| 28 July, 2017 11:19 GMT