otp.chru-strasbourg.fr XSS vulnerability

2017-08-28T08:13:00
ID OBB:282846
Type openbugbounty
Reporter Implosion
Modified 2017-10-09T03:31:00

Description

Vulnerable URL:
https://otp.chru-strasbourg.fr/otp/si.jsp?_ga=GA1.2.1011778527.1503907939&_gid=GA1.2.555207045.1503907939&_gat=1⊁_VPNERR=4001%3Cscript%3Ealert(%27OPENBUGBOUNTY%27)%3C/script%3E
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check otp.chru-strasbourg.fr SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 28 August, 2017 08:13 GMT
Generic security notifications sent to website owner| 28 August, 2017 08:15 GMT
Vulnerability details disclosed by researcher| 8 October, 2017 15:17 GMT
Vulnerability patched by the website owner| 9 October, 2017 03:31 GMT