velleman.eu XSS vulnerability

2017-06-19T14:57:00
ID OBB:250078
Type openbugbounty
Reporter hackdemonium
Modified 2017-07-06T12:57:00

Description

Vulnerable URL:
http://www.velleman.eu/products/search/?q=a%27foo%3D%22%3E%3Edemonium%3C%2Ftitle%3E%3C%2Fscript%3E%3Cmarquee+onstart%3Dprompt%28%27OPENBUGBOUNTY%27%29%3Eb&search;=Search
Details:

Description| Value
---|---
Patched:| Yes, at 22.06.2017
Latest check for patch:| 22.06.2017 08:02 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 135220
VIP website status:| No
Check velleman.eu SSL connection:| (Grade: B)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 19 June, 2017 14:57 GMT
Generic security notifications sent to website owner| 19 June, 2017 15:00 GMT
Customized security notification sent to website owner| 19 June, 2017 15:00 GMT
Vulnerability patched by the website owner| 22 June, 2017 09:42 GMT
Vulnerability details disclosed by researcher| 6 July, 2017 12:57 GMT