localharvest.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1081093 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting localharvest.org website...

localharvest.org XSS vulnerability

Open Bug Bounty ID: OBB-640213 Description| Value ---|--- Affected Website:| localharvest.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

localharvest.org XSS vulnerability

Open Bug Bounty ID: OBB-638759 Description| Value ---|--- Affected Website:| localharvest.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

localharvest.org XSS vulnerability

Vulnerable URL: https://www.localharvest.org/zipsearch.jsp?badzip=%5C%22%20onmouseover=%22prompt%27OPENBUGBOUNTY%27%22%20id=%22=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 05.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 926...

localharvest.org XSS vulnerability

Vulnerable URL: https://www.localharvest.org/accounts/recoverpassword.jsp?rurl=%2Faccounts%2Findex.jsp%22%27--!%3E%3CScript%20/K/%3Econfirm'OPENBUGBOUNTY'%3C/Script%20/K/%3EKNOXSS Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS...

localharvest.org XSS vulnerability

Vulnerable URL: http://www.localharvest.org/events.jsp?t=0=100=%22%20onmouseover=prompt%28/XSSPOSED/%29%20%22=go Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 21:40 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

localharvest.org XSS vulnerability

Vulnerable URL: http://www.localharvest.org/events.jsp?t=0=100="=go Details: Description| Value ---|--- Patched:| Yes, at 20.08.2015 Latest check for patch:| 20.08.2015 05:49 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 55422 Google Pagerank| 7 VIP website...

Unfixed XSS vulnerability at www.localharvest.org

Security researcher RubberDuck, has submitted on 06/03/2007 a cross-site-scripting XSS vulnerability affecting www.localharvest.org, which at the time of submission ranked 72110 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2007. It is...