Lucene search

K
openbugbountyAaaimgOBB:265593
HistoryJul 18, 2017 - 3:26 p.m.

markafoni.com XSS vulnerability

2017-07-1815:26:00
aaaimg
www.openbugbounty.org
5
Vulnerable URL:
http://www.markafoni.com/arama?q=%3C%2Fscript%3E%3Cmarquee+onstart%3Dprompt(%2FOPENBUGBOUNTY%2F)%3E
Details:
Description Value
Patched: Yes, at 27.11.2017
Latest check for patch: 27.11.2017 16:36 GMT
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank 12391
VIP website status: Yes
Check markafoni.com SSL connection: (Grade: A)
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 18 July, 2017 15:26 GMT
Generic security notifications sent to website owner 18 July, 2017 15:28 GMT
Notification sent to subscribers (without technical details) 18 July, 2017 18:17 GMT
Vulnerability details disclosed by researcher 10 October, 2017 17:04 GMT
Vulnerability patched by the website owner 27 November, 2017 16:36 GMT