Search...

Fixed XSS vulnerability at autonews.sat1.de

2012-02-29T00:00:00

ID XSSED:76775
Type xssed
Reporter owege
Modified 2015-12-03T00:00:00

Description

Security researcher owege, has submitted on 29/02/2012 a cross-site-scripting (XSS) vulnerability affecting autonews.sat1.de, which at the time of submission ranked 11086 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/03/2015. It is currently fixed.

Vulnerable URL: http://autonews.sat1.de/auto/news/index.jsp?marke="><script>alert(document.cookie)</script>&submit=OK

JSON Vulners Source

Initial Source

{"description": "Security researcher owege, has submitted on 29/02/2012 a cross-site-scripting (XSS) vulnerability affecting autonews.sat1.de, which at the time of submission ranked 11086 on the web according to Alexa. \nWe manually validated and published a mirror of this vulnerability on 12/03/2015. It is currently fixed.\n\nVulnerable URL: http://autonews.sat1.de/auto/news/index.jsp?marke=\"><script>alert(document.cookie)</script>&submit=OK", "id": "XSSED:76775", "title": "Fixed XSS vulnerability at autonews.sat1.de", "viewCount": 0, "objectVersion": "1.2", "cvelist": [], "bulletinFamily": "bugbounty", "published": "2012-02-29T00:00:00", "href": "http://www.xssed.com/mirror/76775/", "hash": "eff993cf3a7db6539fe43f11e7bd3233c195ebc456e699deebc01aeba62e49c1", "history": [], "reporter": "owege", "edition": 1, "cvss": {"score": 0.0, "vector": "NONE"}, "references": ["http://autonews.sat1.de"], "lastseen": "2016-03-20T00:53:31", "modified": "2015-12-03T00:00:00", "enchantments": {"score": {"value": 0.6, "vector": "NONE", "modified": "2016-03-20T00:53:31"}, "dependencies": {"references": [], "modified": "2016-03-20T00:53:31"}, "vulnersScore": 0.6}, "type": "xssed"}