regioevent.de XSS vulnerability

2015-08-07T16:04:00
ID OBB:78088
Type openbugbounty
Reporter krankoPwnz
Modified 2015-08-07T16:06:00

Description

Vulnerable URL:
http://www.regioevent.de/veranstaltungen/suchergebnisse_veranstaltung/?search_from=">&search;_to=&new;_search=true&rubrik0;=&submit;=&search;_string=suchbegriff%20eingeben&radius;=&postcode;=plz%20oder%20ort&regioevent;_id=regioevent%20id&now;=1438962802
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1059700
Google Pagerank| 4
VIP website status:| No
Check regioevent.de SSL connection:| (Grade: A-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 7 August, 2015 16:04 GMT
Vulnerability existence verified and confirmed| 7 August, 2015 16:06 GMT