na.gov.pk – XSS Vulnerability [Cyber Alert]
April 12, 2017How Wonga data breach could affect nearly 250,000 customers’ bank details
April 17, 2017Website : paperpk.com
Description : Jobs in Pakistan Newspaper ads & classified careers – PaperPk.com. Paperpk jobs in Pakistan from all newspaper ads on paperpk.com with careers classified ads . Now you can post jobs as employer and apply for jobs online from paper.pk
Vulnerable URL:
http://paperpk.com/job-title-list.php?title=HR<img src=x onerror=prompt(/XSS Alert)>
Other details:
Patched: No
Latest check for patch: 27.03.2017
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank 6364
Notification & Disclosure Timeline
20 March, 2017 at 22:04 GMT Vulnerability reported via Open Bug Bounty
20 March, 2017 at 22:07 GMT Notification sent to emails provided by researcher
20 March, 2017 at 22:07 GMT Notification sent to generic security emails
21 March, 2017 at 02:17 GMT Notification sent to subscribers (without technical details)
27 March, 2017 at 22:14 GMT Vulnerability details publicly disclosed