www2.cslb.ca.gov XSS vulnerability

2017-07-02T13:55:00
ID OBB:257117
Type openbugbounty
Reporter et
Modified 2017-09-24T13:55:00

Description

Open Bug Bounty ID: OBB-257117

Description| Value
---|---
Affected Website:| www2.cslb.ca.gov
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Remediation Guide:| OWASP XSS Prevention Cheat Sheet

Vulnerable URL:
https://www2.cslb.ca.gov/OnlineServices/CheckLicenseII/Definition.asp?Definition=A+citation+is+a+disciplinary+action+that+may+require+the+for+any+alleged+violation(s)+of+law.+Licensees+have+the+right+to+appeal+a+disciplinary+action+and+no+conclusion+or+judgments+as+to+the+validity+of+any+charges+should+be+assumed+until+the+legal+action+process+has+been+completed.&Title1;=1">