wcde.org XSS vulnerability

2017-10-05T18:21:00
ID OBB:323705
Type openbugbounty
Reporter mcurietribute
Modified 2018-01-04T11:40:00

Description

Vulnerable URL:
http://www.wcde.org/education/components/sectionlist/default.php?sectiondetailid=27297&category;=13'">![](x)501&&PHPSESSID;=bbc0231322c51ae7609cd5d5ee2b88ce
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 560638
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 5 October, 2017 18:21 GMT
Generic security notifications sent to website owner| 5 October, 2017 18:24 GMT
Notification sent to subscribers (without technical details)| 5 October, 2017 22:17 GMT
Vulnerability details disclosed by researcher| 3 January, 2018 19:19 GMT
Vulnerability patched by the website owner| 4 January, 2018 11:40 GMT