ashford.com XSS vulnerability

2015-09-05T00:26:00
ID OBB:84419
Type openbugbounty
Reporter WhitePacket
Modified 2015-09-05T00:28:00

Description

Vulnerable URL:
http://www.ashford.com/us/browse;jsessionid=7B3E532540284D714A307F20EE283A5F.prd-store31?_dyncharset=UTF-8&_dynSessConf=-8590144187157026973&Dy;=1&Nty;=1&siteScope;=ok&_D:siteScope=+&Ntt;=">&search.x;=21&search.y;=19&_D:search=+&_DARGS=/cartridges/SearchBox/SearchBox.jsp
Details:

Description| Value
---|---
Patched:| Yes, at 26.09.2015
Latest check for patch:| 26.09.2015 01:13 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 7059
Google Pagerank| 4
VIP website status:| Yes
Check ashford.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 5 September, 2015 00:26 GMT
Vulnerability existence verified and confirmed| 5 September, 2015 00:28 GMT