bharathlisting.com XSS vulnerability

2017-09-02T17:43:00
ID OBB:286691
Type openbugbounty
Reporter npuser500
Modified 2017-12-01T18:18:00

Description

Vulnerable URL:
http://bharathlisting.com/_searchresults.php?query=OPENBUGBOUNTY';prompt('OPENBUGBOUNTY');var x='y
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 01.12.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 393331
VIP website status:| No
Check bharathlisting.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 2 September, 2017 17:43 GMT
Generic security notifications sent to website owner| 2 September, 2017 17:46 GMT
Notification sent to subscribers (without technical details)| 2 September, 2017 18:17 GMT
Vulnerability details disclosed by researcher| 1 December, 2017 18:18 GMT