darudar.org XSS vulnerability

2017-06-30T12:04:00
ID OBB:255296
Type openbugbounty
Reporter asterisk
Modified 2017-07-21T12:30:00

Description

Vulnerable URL:
http://darudar.org/search/?q=nblksjdgb&country;=0&region;=0&city;=0&category;=0&status;">[]=safvasf&status;[]=1&rel;=1&ln;=pl_PL
Details:

Description| Value
---|---
Patched:| Yes, at 20.07.2017
Latest check for patch:| 20.07.2017 19:08 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 47139
VIP website status:| Yes
Check darudar.org SSL connection:| (Grade: C)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 30 June, 2017 12:04 GMT
Generic security notifications sent to website owner| 30 June, 2017 12:06 GMT
Customized security notification sent to website owner| 30 June, 2017 12:06 GMT
Notification sent to subscribers (without technical details)| 30 June, 2017 14:17 GMT
Vulnerability details disclosed by researcher| 20 July, 2017 19:07 GMT
Vulnerability patched by the website owner| 21 July, 2017 12:30 GMT