leagueathletics.com XSS vulnerability

2015-10-26T13:21:00
ID OBB:95065
Type openbugbounty
Reporter retr0
Modified 2015-10-26T13:24:00

Description

Vulnerable URL:
https://leagueathletics.com/guest/trial.asp?email=%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 21523
Google Pagerank| 6
VIP website status:| Yes
Check leagueathletics.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 26 October, 2015 13:21 GMT
Vulnerability existence verified and confirmed| 26 October, 2015 13:24 GMT