news.siamphone.com XSS vulnerability

2017-06-19T08:18:00
ID OBB:249904
Type openbugbounty
Reporter Random_Robbie
Modified 2017-07-31T09:16:00

Description

Vulnerable URL:
http://news.siamphone.com/linkout.php?out=http://www.amazon.co.uk/dp/B000PA71U2?tag=theunofspykwe-21&camp;=1406&creative;=6394&linkCode;=as1&creativeASIN;=B000PA71U2&adid;=0TM00CXPZ9NMKH5WBSW9&&ref-refURL;=http://www.spykee.org/Default.aspx
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 31.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| Yes
Check news.siamphone.com SSL connection:| (Grade: B)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 19 June, 2017 08:18 GMT
Generic security notifications sent to website owner| 19 June, 2017 08:21 GMT
Notification sent to subscribers (without technical details)| 19 June, 2017 10:17 GMT
Vulnerability details disclosed by researcher| 31 July, 2017 09:16 GMT