allure.com Cross Site Scripting vulnerability OBB-3223598

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

allure.com Cross Site Scripting vulnerability OBB-1269214

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

allure.com XSS vulnerability

Open Bug Bounty ID: OBB-452669 Description| Value ---|--- Affected Website:| allure.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

allure.com XSS vulnerability

Vulnerable URL: http://www.allure.com/search?qt=dismax=score+desc=" style=background:red; onmouseover=alertString.fromCharCode88,83,83,80,79,83,69,68 "= Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 15:44 GMT Vulnerability type:| XSS...