Report Email Alerts Open Bug Bounty: 179,445 coordinated disclosures
Total Vulnerabilities Fixed: 83,568
169,011 vulnerable websites, 16,351 VIP websites
4,106 security researchers, 5,514 notification subscribers

Open Bug Bounty ID

OBB-311276

Coordinated Vulnerability Disclosure

On the 24.09.2017 security researcher SonnySpooks Helped patch 605 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 5 recommendations
reported a XSS vulnerability affecting the brickset.com website via the Open Bug Bounty coordinated vulnerability disclosure program.

We verified the vulnerability and independently confirmed its existence. Technical details of the vulnerability are currently hidden ("On Hold") to give website owner time to patch the vulnerability without putting any of its users at risk. If patched, vulnerability details can be publicly disclosed by the researcher in at least 30 days since submission, if unpatched - in at least 90 days since submission.

If you are the website owner or administrator please contact the researcher directly to get vulnerability details and proceed to coordinated disclosure.

Coordinated Disclosure Timeline

Vulnerability submitted via Open Bug Bounty24 September, 2017 14:33 GMT
Generic security notifications sent to website owner24 September, 2017 14:36 GMT
Notification sent to subscribers (without technical details)24 September, 2017 18:17 GMT

brickset.com Profile:

General

Alexa Rank16951
VIP website statusYes
Check brickset.com for malware:Click here

Description

Brickset home page | Brickset: LEGO set guide and database. LEGO set database: Brickset home page.

User Comments:

Please login via twitter to be the first one to comment.


Latest Vulnerabilities on *.brickset.com

OBB-ID Reported by Status Reported on
On Hold
19.10.2017
On Hold
24.09.2017
patched
12.07.2017
unpatched
19.06.2017
unpatched
16.07.2016
patched
25.06.2016
unpatched
01.03.2016
patched
03.09.2015
patched
03.09.2015
patched
03.09.2015
patched
03.09.2015

Latest Vulnerabilities Reported by SonnySpooks

OBB-ID Vulnerability Status Reported
On Hold
12.11.2017
On Hold
12.11.2017
On Hold
12.11.2017
On Hold
11.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
10.11.2017
On Hold
08.11.2017
On Hold
27.10.2017
On Hold
27.10.2017
On Hold
27.10.2017


LATEST VIP SUBMISSIONS

fontspring.com
Reported by TAHA Helped patch 68 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 11 recommendations
on 23.11.2017
gayforit.eu
Reported by TAHA Helped patch 68 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 11 recommendations
on 23.11.2017
sega.com
Reported by Chris5389 Helped patch 14 vulnerabilities
Received 1 Coordinated Disclosure badges
on 23.11.2017
amnh.org
Reported by TAHA Helped patch 68 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 11 recommendations
on 23.11.2017
subsmovies.me
Reported by retr0 Helped patch 1485 vulnerabilities
Received 6 Coordinated Disclosure badges
on 23.11.2017
subtitlesbank.online
Reported by retr0 Helped patch 1485 vulnerabilities
Received 6 Coordinated Disclosure badges
on 23.11.2017
interestingengineering.com
Reported by huntingforbug Helped patch 2 vulnerabilities
Received 1 Coordinated Disclosure badges
Received 1 recommendations
on 23.11.2017
uoc.gr
Reported by retr0 Helped patch 1485 vulnerabilities
Received 6 Coordinated Disclosure badges
on 23.11.2017
ikmultimedia.com
Reported by Chris5389 Helped patch 14 vulnerabilities
Received 1 Coordinated Disclosure badges
on 23.11.2017
whowhatwear.co.uk
Reported by huntingforbug Helped patch 2 vulnerabilities
Received 1 Coordinated Disclosure badges
Received 1 recommendations
on 23.11.2017



LATEST SUBMISSIONS

myview.sf.k12.sd.us
Reported by Chris5389 Helped patch 14 vulnerabilities
Received 1 Coordinated Disclosure badges
on 23.11.2017
ties.sf.k12.sd.us
Reported by Chris5389 Helped patch 14 vulnerabilities
Received 1 Coordinated Disclosure badges
on 23.11.2017
ffam.asso.fr
Reported by sehno Helped patch 1 vulnerabilities
Received 0 Coordinated Disclosure badges
on 23.11.2017
ffg.jeudego.org
Reported by sehno Helped patch 1 vulnerabilities
Received 0 Coordinated Disclosure badges
on 23.11.2017
quid.ma
Reported by retr0 Helped patch 1485 vulnerabilities
Received 6 Coordinated Disclosure badges
on 23.11.2017
mathcelebrity.com
Reported by Chris5389 Helped patch 14 vulnerabilities
Received 1 Coordinated Disclosure badges
on 23.11.2017
project.athens-agora.gr
Reported by fakessh Helped patch 106 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 10 recommendations
on 23.11.2017
vendirectimmo.fr
Reported by sehno Helped patch 1 vulnerabilities
Received 0 Coordinated Disclosure badges
on 23.11.2017
ozdence.com
Reported by fakessh Helped patch 106 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 10 recommendations
on 23.11.2017
lp-partners.ru
Reported by amlnspqr Helped patch 999 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 10 recommendations
on 23.11.2017