experimentos.ufm.edu XSS vulnerability

2017-11-11T13:35:00
ID OBB:409189
Type openbugbounty
Reporter Y4r4G_
Modified 2018-02-09T13:35:00

Description

Open Bug Bounty ID: OBB-409189

Description| Value
---|---
Affected Website:| experimentos.ufm.edu
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Remediation Guide:| OWASP XSS Prevention Cheat Sheet

Vulnerable URL:
http://experimentos.ufm.edu/recruitment/public/participant_create.php?p=cd5BTmqoq0omw&s;=1&dr;=Yes.&subpool;_id=1&fname;=">&lname;=2222&email;=juan  @hotmail.com&invitations;[internet]=internet☎_number=323123&gender;=m&field;_of_studies=1043936774&profession;=1043799210&begin;_of_studies=2013&add;=Submit
Coordinated Disclosure Timeline

Description| Value
---|---
Vulnerability Reported:| 11 November, 2017 13:35 GMT
Vulnerability Verified:| 11 November, 2017 13:37 GMT
Website Operator Notified:| 11 November, 2017 13:37 GMT
Vulnerability Published:| 11 November, 2017 13:37 GMT[without any technical details]
Public Disclosure:| 9 February, 2018 13:35 GMT