sef.pt XSS vulnerability

2017-07-21T00:53:00
ID OBB:266275
Type openbugbounty
Reporter PedroR
Modified 2017-07-28T01:16:00

Description

Vulnerable URL:
http://www.sef.pt/portal/v10/PT/aspx/pesquisa/documentos/index.aspx?SearchString=%22%27%29;alert%28%27OPENBUGBOUNTY
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 11.08.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 108625
VIP website status:| No
Check sef.pt SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 21 July, 2017 00:53 GMT
Generic security notifications sent to website owner| 21 July, 2017 00:56 GMT
Notification sent to subscribers (without technical details)| 21 July, 2017 02:17 GMT
Vulnerability details disclosed by researcher| 28 July, 2017 01:16 GMT