20min.ch XSS vulnerability

2015-07-29T18:56:00
ID OBB:76608
Type openbugbounty
Reporter tbm
Modified 2016-11-09T10:28:00

Description

Vulnerable URL:
http://www.20min.ch/entertainment/kino/story/-Es%22%3E%3Csvg%20onload=alert%28%27XSSPOSED%27%29%3E%22-macht-Spass--dass-der-Nerd-der-Held-ist--10461391
Details:

Description| Value
---|---
Patched:| Yes, at 01.12.2015
Latest check for patch:| 01.12.2015 08:05 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 3113
Google Pagerank| 7
VIP website status:| Yes
Check 20min.ch SSL connection:| (Grade: B)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 29 July, 2015 18:56 GMT
Vulnerability existence verified and confirmed| 30 July, 2015 10:00 GMT
Vulnerability patched by the website owner| 9 November, 2016 10:28 GMT