government.ae XSS vulnerability

2015-07-08T01:39:00
ID OBB:70389
Type openbugbounty
Reporter shhnjk
Modified 2016-01-30T20:59:00

Description

Vulnerable URL:
http://www.government.ae/web/guest/all-services?serviceName=%22%20onfocus=alert(%27XSSPOSED%27)%20autofocus=
Details:

Description| Value
---|---
Patched:| Yes, at 30.01.2016
Latest check for patch:| 30.01.2016 20:59 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 135752
Google Pagerank| 7
VIP website status:| Yes
Check government.ae SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 8 July, 2015 01:39 GMT
Vulnerability existence verified and confirmed| 8 July, 2015 01:42 GMT
Vulnerability patched by the website owner| 30 January, 2016 20:59 GMT