iyfipgun.com XSS vulnerability

2017-10-29T23:19:00
ID OBB:378507
Type openbugbounty
Reporter OmniGooch
Modified 2017-11-29T13:48:00

Description

Vulnerable URL:
http://www.iyfipgun.com/AMC.cfm?domain=themoviegoer.com&fp;=LnUe1cOTWqLhIyF%2B63MMzM%2FxA2mYz3ncINEqbW%2Bl%2FjuRMnNPwqEKdo%2FyiuBcthr6MaRyZG4%2BJXgwvhAeIG2loI0ykG7TnmGqLpcRRQ%2FjLspd1QfL4LC0eXGVohUerT1fc%2BJhkeB1RYQpWUU47QyzqEOCKRXbh588DdgSfjZ%2Bw9lpB2b79rg9QBR7jzAp6RhPvKm7ywbnncWVw6Dnk2vMSw%3D%3D&maxads;=0&kld;=1003&prvtof;=xpcf%2BE5HeEne%2B1s0FT6xH%2Fd0OWumDlcoTJv4GaoOR0o1lrXwua1OYr%2FtmTewJjLUQIPnfkGNbFHkImZVia84rPxLl90qe0QDMvNSWJeOU76qrYb%2BsYIkobVN4b%2FY2oNW&&&kt;=217&&kbc;=moviegoer&ki;=1601737&ktd;=16384&kld;=1003&kp;=4&bd;=-7%23900%231440%231%230%23697%23338
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 122773
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 29 October, 2017 23:19 GMT
Generic security notifications sent to website owner| 29 October, 2017 23:20 GMT
Notification sent to subscribers (without technical details)| 30 October, 2017 02:17 GMT
Vulnerability details disclosed by researcher| 28 November, 2017 23:28 GMT
Vulnerability patched by the website owner| 29 November, 2017 13:48 GMT