shipdig.com XSS vulnerability

2017-07-26T05:39:00
ID OBB:269506
Type openbugbounty
Reporter Xany
Modified 2017-10-24T09:48:00

Description

Vulnerable URL:
http://www.shipdig.com/search?q=

# xany



![](x)<!--
</pre>

##### Details:

Description| Value  
---|---  
Patched:| Yes, at 24.10.2017  
Latest check for patch:| 24.10.2017 09:48 GMT  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 1019014  
VIP website status:| No  
Check shipdig.com SSL connection:| (Grade: F)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 26 July, 2017 05:39 GMT  
Vulnerability existence verified and confirmed| 26 July, 2017 07:04 GMT  
Generic security notifications sent to website owner| 26 July, 2017 07:04 GMT  
Customized security notification sent to website owner| 26 July, 2017 07:04 GMT  
Notification sent to subscribers (without technical details)| 26 July, 2017 10:17 GMT  
Vulnerability details disclosed by researcher| 24 October, 2017 07:16 GMT  
Vulnerability patched by the website owner| 24 October, 2017 09:48 GMT