Report Email Alerts 172,840 coordinated disclosures
101,430 fixed vulnerabilities
142,267 websites, 14,153 VIP websites
4,886 researchers, 6,123 subscribers

Are you sure you want to delete the vulnerability?

Yes No

This feature enables you to send additional notifications to the website owners or admins after the vulnerability is submitted. The total number of additional notification is limited to 10, and to 1 in 24 hours.

Notify specific security contact:


To my best knowledge this email belongs to the website owner/admin


Open Bug Bounty ID: OBB-225411

Security Researcher xssbuddy Helped patch 332 vulnerabilities
Received 2 Coordinated Disclosure badges
Received 2 recommendations
, holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting supermicro.com website and its users.

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147, Open Bug Bounty has:

      a. verified the vulnerability and confirmed its existence;
      b. notified the website operator about its existence.

Affected Website:supermicro.com
Vulnerable Application:Custom Code
Vulnerability Type:XSS (Cross Site Scripting) / CWE-79
Remediation Guide:OWASP XSS Prevention Cheat Sheet
CVSSv3 Score:6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Discovered and Reported by:xssbuddy Helped patch 332 vulnerabilities
Received 2 Coordinated Disclosure badges
Received 2 recommendations
,

Coordinated Disclosure Timeline

Vulnerability Reported:16 April, 2017 20:46 GMT
Vulnerability Verified:17 April, 2017 05:56 GMT
Website Operator Notified:17 April, 2017 05:56 GMT
a. Using publicly available security contacts
b. Using Open Bug Bounty notification framework
c. Using security contacts provided by the researcher
Vulnerability Published:

17 April, 2017 05:56 GMT
[without any technical details]
Vulnerability Fixed:13 September, 2017 08:00 GMT

Vulnerability Details

Vulnerable URL:

HTTP POST data:

Research's Comment:

Mirror: Click here to view the mirror

For Website Operators and Owners

If you are the website owner or operator, please contact the security researcher directly to get the vulnerability details, proceed to remediation and coordinated disclosure.

DISCLAIMER: As a non-profit project, Open Bug Bounty never acts as an intermediary between website owners and security researchers. Our role is strictly limited to independent verification of the reports and proper notification of website owners by all available means. Please refer to about page for further details.


supermicro.com

Latest Vulnerabilities on *.supermicro.com

OBB-ID Reported by Status Reported on
patched
16.04.2017


Website Overview

Alexa Global Rank:28873
SSL/TLS Server Test:N/A    
Web Server Security Test:N/A    
Malware Test:Click here
Domain Health Report:Click here

Community Rating

Provided by independent security researchers who reported security issues on this website using coordinated and responsible disclosure:

 
Responsiveness  Indicates how quickly researchers are getting responses to their notifications sent to the website operators.
Security Awareness  Indicates researchers’ view on how smoothly the website operators resolved the reported security issues.
Cooperation and Mutual Respect   Indicates researchers’ perception of positiveness and mutual respect in their communications with the website operators.


LATEST VIP SUBMISSIONS

mafiadoc.com
Reported by YNafiai Helped patch 0 vulnerabilities
Received 0 Coordinated Disclosure badges
on 25.02.2018
onedio.ru
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
toyokeizai.net
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
imagevenue.com
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
donya-e-eqtesad.com
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
liberoquotidiano.it
Reported by Marc_Angio Helped patch 1 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
leggo.it
Reported by Marc_Angio Helped patch 1 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
xpau.se
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
panduoduo.net
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018
getchu.com
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 25.02.2018



LATEST SUBMISSIONS

proteinstore.ru
Reported by ut Helped patch 60 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 8 recommendations
on 25.02.2018
classm44.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
lv-aone.net
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
chonmak.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
eunicekim.ca
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
bosungcanada.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
golfpops.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
s-works.ca
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
bhairlines.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018
hosujung.com
Reported by keritzy Helped patch 719 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 4 recommendations
on 25.02.2018