oesz.at Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1129414 Security Researcher DakkarKey Helped patch 407 vulnerabilities Received 6 Coordinated Disclosure badges Received 14 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting oesz.at website and its...

oesz.at XSS vulnerability

Vulnerable URL: http://oesz.at/OESZNEU/SUCHE/SQLSUCHE03.php?sstring=%22%3E%27%3EI%3Ci%3EI%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3E=0=0=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 14.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclose...