On the 25.10.2017 security researcher reported a XSS vulnerability affecting the citizensbank.com website via the Open Bug Bounty coordinated vulnerability disclosure program.
Vulnerability submitted via Open Bug Bounty| 25 October, 2017 13:13 GMT
Vulnerability existence verified and confirmed| 26 October, 2017 09:47 GMT
Generic security notifications sent to website owner| 26 October, 2017 09:47 GMT
Notification sent to subscribers (without technical details)| 26 October, 2017 10:17 GMT
If you are the website owner or administrator please contact the researcher directly to get vulnerability details and proceed to coordinated disclosure.