shop.nationalgeographic.com XSS vulnerability

2015-09-05T06:57:00
ID OBB:84458
Type openbugbounty
Reporter WhitePacket
Modified 2017-07-25T17:01:00

Description

Vulnerable URL:
http://shop.nationalgeographic.com/ngs/facet/facetGlossary.jsp;jsessionid=EA15A68A271359BF8595327EBC7F2A82?_dyncharset=UTF-8&_dynSessConf=3577070649054570401&trailSize;=1&advancedSearch;=true&liveResult;=true&categoryId;=&trail;=&addFacet;=19016:1:SRCH:">&removeAllFacets;=true&categoryFacetId;=9004&searchmenu;=allCategories&trailtext;=">&search;=SEARCH
Details:

Description| Value
---|---
Patched:| Yes, at 25.07.2017
Latest check for patch:| 25.07.2017 17:01 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 7
VIP website status:| Yes
Check shop.nationalgeographic.com SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 5 September, 2015 06:57 GMT
Vulnerability existence verified and confirmed| 5 September, 2015 06:59 GMT
Vulnerability patched by the website owner| 25 July, 2017 17:01 GMT