piv.max.gov XSS vulnerability

2017-08-26T11:42:00
ID OBB:282315
Type openbugbounty
Reporter amlnspqr
Modified 2017-10-04T08:30:00

Description

Vulnerable URL:
https://piv.max.gov/cas/login
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check piv.max.gov SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 August, 2017 11:42 GMT
Generic security notifications sent to website owner| 26 August, 2017 11:44 GMT
Vulnerability details disclosed by researcher| 3 October, 2017 18:16 GMT
Vulnerability patched by the website owner| 4 October, 2017 08:30 GMT