realestate2000menh.com XSS vulnerability

2017-10-10T18:46:00
ID OBB:331877
Type openbugbounty
Reporter mcurietribute
Modified 2018-01-08T19:19:00

Description

Vulnerable URL:
http://www.realestate2000menh.com/searchresults.php?sort=l2h&start;=13'">![](x)1&qs;_area=&type;=reg&price;_min=&price;_max=&sqft;_min=&sqft;_max=&acreage;_min=&acreage;_max=&property;_type=&bedrooms;_min=&bathrooms;_max=&keyword;=&include;_nh=&waterfront;=&lakefront;=yes&view;=
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 08.01.2018
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 15836244
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 10 October, 2017 18:46 GMT
Generic security notifications sent to website owner| 10 October, 2017 18:49 GMT
Notification sent to subscribers (without technical details)| 10 October, 2017 22:17 GMT
Vulnerability details disclosed by researcher| 8 January, 2018 19:19 GMT