iyfipgun.com XSS vulnerability

2017-11-03T05:41:00
ID OBB:389104
Type openbugbounty
Reporter OmniGooch
Modified 2017-12-07T07:41:00

Description

Vulnerable URL:
http://www.iyfipgun.com/Zelnorm.cfm?domain=soma-zone.com&fp;=1reej42USyBCrxZJwWKDReI7lIF2eGhwX1aJLsqvgOX9j%2B5BAP3ZOv9iK63Gs3CYejMsoPlP0Lc3ARJHU4CabsSk92HSzwNjUVsBRmvKW0qsa8RgqA8q6x75%2FQaflGwL0r0JLDIQLAnxVYdsPKnjrst2RRO0K2hWexuJNVqiiwHV79xh4esdqDZG2KHsf2mKHS37SYDi8fOcjLnWFbJkXQ%3D%3D&maxads;=0&kld;=1003&prvtof;=jFHURl2wJCBXwB8rdDLmAmw9Tos9hkPm9WYU7gTiG5%2Bby6v2OYCf7xNVXLuO5VrQoBXee%2BDDuiTihPxrZ9XULFGiASyY2fmiiSrklByaA9bxbQ1mVQJWbzIJVeikMsWz0d%2BjUVcgVWrBAkQ7l9LO0w%3D%3D&&&kt;=213&&kbc;=soma&ki;=31577507&ktd;=16384&kld;=1003&kp;=4&bd;=-7%23900%231440%231%230%23688%23340
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 119244
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 3 November, 2017 05:41 GMT
Generic security notifications sent to website owner| 3 November, 2017 05:43 GMT
Notification sent to subscribers (without technical details)| 3 November, 2017 06:17 GMT
Vulnerability details disclosed by researcher| 6 December, 2017 15:20 GMT
Vulnerability patched by the website owner| 7 December, 2017 07:41 GMT