iyfipgun.com XSS vulnerability

2017-10-25T02:29:00
ID OBB:366193
Type openbugbounty
Reporter OmniGooch
Modified 2017-11-24T12:02:00

Description

Vulnerable URL:
http://www.iyfipgun.com/Nutrients_Prostate.cfm?domain=smangus.org&fp;=Pyqwt0MTvxP40NY3q7hJPjt51qTu2wA7LasJooZpJMzbWylw7Tokanrx5jp7nIy2qGwIJd9S2UFatV6L6Wgsa3IIH1oWd%2Bxk%2BgpZKdU1iVGqtwyuAJxur43KPkqKqjk%2B276kKpbGCLRx0PjHiW2kzxFg4PQLNEDxEs05lEagK29%2B9EVujfMKvrZ1K0pkBwLdY5RmgilGljpTcxVEf8s43A%3D%3D&maxads;=0&kld;=1003&prvtof;=DgQTz5QpH0gCCkCcRGa6nj5ODjRE4%2BwWM8gMvfvPvshl8BgQ4WbEIFdCLVKIzpwScD7c%2Bjydcutb2%2FnGvMA5y3Pwb3f5HIrmUniZZeJDKcozvomg2Uqpuv9DU2w%2BK%2BoC&&&kt;=217&&kbc;=angus&ki;=20871945&ktd;=0&kld;=1003&kp;=4&bd;=-7%23900%231440%231%230%23697%23340
Details:

Description| Value
---|---
Patched:| Yes, at 24.11.2017
Latest check for patch:| 24.11.2017 12:02 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 128872
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 25 October, 2017 02:29 GMT
Generic security notifications sent to website owner| 25 October, 2017 02:32 GMT
Notification sent to subscribers (without technical details)| 25 October, 2017 06:17 GMT
Vulnerability details disclosed by researcher| 24 November, 2017 03:21 GMT
Vulnerability patched by the website owner| 24 November, 2017 12:02 GMT