Report Email Alerts Open Bug Bounty: 138,562 coordinated disclosures
Total Vulnerabilities Fixed: 59,903
140,700 vulnerable websites, 14,988 VIP websites
3,377 security researchers, 4,404 notification subscribers

Open Bug Bounty ID:

OBB-204451

nomadlist.com Security Vulnerability

On the 08.01.2017 security researcher k0t Badges received: 3
Recommendations received: 4
Total reports: 671
Total reports on VIP sites: 294
Total patched vulnerabilities: 206
disclosed XSS vulnerability affecting nomadlist.com website.

On the 08.01.2017 security researcher k0t discovered and reported XSS vulnerability affecting nomadlist.com

On our side, we have notified website owner via all reasonable communication channels about the vulnerability, so it can be patched as quickly as possible.

You can check if the vulnerability is patched by clicking on the verification link below. If you have any contacts with the website administrator or a person in charge of its security - please send him, or her, this link as soon as possible.

Vulnerability Details


nomadlist.com Description

Nomad List — Best Cities to Live and Work Remotely for Digital Nomads. The best cities to live and work remotely for Digital Nomads, based on cost of living, internet speed, weather and other metrics. For startups that work remotely and digital nomads.

Vulnerable URL:

https://nomadlist.com/best-cities-for-pro-gamers?asd"><script>alert(/O PENBUGBOUNTY/)</script>

Other details:

Patched:No
Check for patch: Verify now



Latest check for patch:02.04.2017
Vulnerability type:XSS
Vulnerability status:Publicly disclosed
Alexa Rank55834
VIP website status:No
Check nomadlist.com for malware:Click here
Check nomadlist.com SSL connection:Click here (Grade: A+) Refresh Results

Mirror: Click here to view the mirror

Coordinated Disclosure Timeline

Vulnerability submitted via Open Bug Bounty8 January, 2017 at 17:01 GMT
Generic security notifications sent to website owner8 January, 2017 at 17:04 GMT
Notification sent to subscribers (without technical details)8 January, 2017 at 18:17 GMT
Vulnerability details disclosed by researcher2 April, 2017 at 17:14 GMT

Comments:

Please login via twitter to be the first one to comment.


Latest Vulnerabilities on *.nomadlist.com

OBB-ID Reported by Status Reported on
unpatched
08.01.2017
unpatched
03.01.2017

Latest Vulnerabilities Reported by k0t

OBB-ID Vulnerability Status Reported
On Hold
26.07.2017
On Hold
25.07.2017
On Hold
25.07.2017
On Hold
25.07.2017
On Hold
25.07.2017
On Hold
24.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
20.07.2017
On Hold
17.07.2017
On Hold
14.07.2017
On Hold
14.07.2017
On Hold
14.07.2017
On Hold
12.07.2017
On Hold
12.07.2017
On Hold
12.07.2017


LATEST VIP SUBMISSIONS

mywot.com
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
atlantico.fr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
ytn.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
showroomprive.pt
Reported by Oc3f Badges received: 3
Recommendations received: 3
Total reports: 1286
Total reports on VIP sites: 278
Total patched vulnerabilities: 479
on 27.07.2017
saldiprivati.com
Reported by Oc3f Badges received: 3
Recommendations received: 3
Total reports: 1286
Total reports on VIP sites: 278
Total patched vulnerabilities: 479
on 27.07.2017
showroomprive.es
Reported by Oc3f Badges received: 3
Recommendations received: 3
Total reports: 1286
Total reports on VIP sites: 278
Total patched vulnerabilities: 479
on 27.07.2017
showroomprive.com
Reported by Oc3f Badges received: 3
Recommendations received: 3
Total reports: 1286
Total reports on VIP sites: 278
Total patched vulnerabilities: 479
on 27.07.2017
radiovesti.ru
Reported by OmniGooch Badges received: 4
Recommendations received: 3
Total reports: 4141
Total reports on VIP sites: 347
Total patched vulnerabilities: 658
on 27.07.2017
baiduyunpan.com
Reported by OmniGooch Badges received: 4
Recommendations received: 3
Total reports: 4141
Total reports on VIP sites: 347
Total patched vulnerabilities: 658
on 27.07.2017
thetruthaboutcancer.com
Reported by MiguelSantareno Badges received: 1
Recommendations received: 5
Total reports: 350
Total reports on VIP sites: 63
Total patched vulnerabilities: 19
on 27.07.2017



LATEST SUBMISSIONS

bijo.ch
Reported by secuninja Badges received: 4
Recommendations received: 18
Total reports: 2122
Total reports on VIP sites: 146
Total patched vulnerabilities: 354
on 27.07.2017
sempre-audio.at
Reported by secuninja Badges received: 4
Recommendations received: 18
Total reports: 2122
Total reports on VIP sites: 146
Total patched vulnerabilities: 354
on 27.07.2017
gondoltad-volna.hu
Reported by RickChase Badges received: 2
Total reports: 220
Total reports on VIP sites: 9
Total patched vulnerabilities: 52
on 27.07.2017
intelligentdesign.or.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
pgr21.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
seeko.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
m.starluxe.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
afterplus.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
osungdang.co.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017
scvk.or.kr
Reported by keritzy Twitter: @keritzy
Badges received: 2
Total reports: 1596
Total reports on VIP sites: 141
Total patched vulnerabilities: 77
on 27.07.2017