srv00.recas.ba.infn.it XSS vulnerability

2017-11-25T16:23:00
ID OBB:432781
Type openbugbounty
Reporter Random_Robbie
Modified 2017-12-28T02:17:00

Description

Vulnerable URL:
http://srv00.recas.ba.infn.it/mitozoa/results.php?searchtype=search_general"'--!>&allfields;=&accession;=&definition;=&keywords;=&organism;=&taxonomy;=&references;=&genetic;_code=&circular;=on&linear;=on&less;=&more;=&comment;=&base;_select=-&base;_more_than=&base;_less_than=&base;_skew_select=-&base;_more_skew=&base;_less_skew=
Details:

Description| Value
---|---
Patched:| Yes, at 28.11.2017
Latest check for patch:| 28.11.2017 15:29 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 25 November, 2017 16:23 GMT
Generic security notifications sent to website owner| 27 November, 2017 08:33 GMT
Notification sent to subscribers (without technical details)| 27 November, 2017 10:17 GMT
Vulnerability details disclosed by researcher| 27 December, 2017 09:55 GMT
Vulnerability patched by the website owner| 28 December, 2017 02:17 GMT