Lucene search
EgyptghostOBB:472607HistoryDec 31, 2017 - 11:40 p.m.
memograv.fr XSS vulnerability
2017-12-3123:40:00
egyptghost
www.openbugbounty.org
15
Open Bug Bounty ID: OBB-472607
| Description | Value |
|---|---|
| Affected Website: | memograv.fr |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79 |
| CVSSv3 Score: | 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] |
| Remediation Guide: | OWASP XSS Prevention Cheat Sheet |
Vulnerable URL:
http://www.memograv.fr/espace-client-fiche-produit.php?id=36%22%27--!%3E%3CScript%20/K/%3Econfirm(1)%3C/Script%20/K/%3E&lightbox;[width]=850&lightbox;[height]=500#
Coordinated Disclosure Timeline
| Description | Value |
|---|---|
| Vulnerability Reported: | 31 December, 2017 23:40 GMT |
| Vulnerability Verified: | 31 December, 2017 23:42 GMT |
| Website Operator Notified: | 31 December, 2017 23:42 GMT |
| Vulnerability Published: | 31 December, 2017 23:42 GMT[without any technical details] |
| Public Disclosure: | 31 March, 2018 23:40 GMT |