uva.nl XSS vulnerability

2015-10-31T17:03:00
ID OBB:98562
Type openbugbounty
Reporter dim0k
Modified 2015-10-31T17:05:00

Description

Vulnerable URL:
http://www.uva.nl/nieuws-agenda/agenda/alle-evenementen/alle-evenementen.html?x"onmouseover=alert(String.fromCharCode(88,83,83,80,79,83,69,68))//
Details:

Description| Value
---|---
Patched:| Yes, at 21.11.2015
Latest check for patch:| 21.11.2015 17:58 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 20264
Google Pagerank| 7
VIP website status:| Yes
Check uva.nl SSL connection:| (Grade: B+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 31 October, 2015 17:03 GMT
Vulnerability existence verified and confirmed| 31 October, 2015 17:05 GMT