webdocs.cs.ualberta.ca Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1048957 Security Researcher Nep13371998 Helped patch 562 vulnerabilities Received 4 Coordinated Disclosure badges Received 7 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting webdocs.cs.ualberta.ca...

webdocs.cs.ualberta.ca XSS vulnerability

Vulnerable URL: https://webdocs.cs.ualberta.ca/wfb/cgi-bin/cantatasearch.cgi?words=%3Cimg+src%3Dx+onerror%3Dalert%28%27XSSPOSED%27%29%3E=20=0 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...