Report Email Alerts 172,811 coordinated disclosures
101,416 fixed vulnerabilities
142,251 websites, 14,151 VIP websites
4,885 researchers, 6,123 subscribers

Are you sure you want to delete the vulnerability?

Yes No

This feature enables you to send additional notifications to the website owners or admins after the vulnerability is submitted. The total number of additional notification is limited to 10, and to 1 in 24 hours.

Notify specific security contact:


To my best knowledge this email belongs to the website owner/admin


Open Bug Bounty ID: OBB-336596

Security Researcher login_denied Helped patch 911 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
, holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting friend-series.com website and its users.

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147, Open Bug Bounty has:

      a. verified the vulnerability and confirmed its existence;
      b. notified the website operator about its existence.

Affected Website:friend-series.com
Vulnerable Application:Custom Code
Vulnerability Type:XSS (Cross Site Scripting) / CWE-79
Remediation Guide:OWASP XSS Prevention Cheat Sheet
CVSSv3 Score:6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Discovered and Reported by:login_denied Helped patch 911 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
,

Coordinated Disclosure Timeline

Vulnerability Reported:12 October, 2017 21:06 GMT
Vulnerability Verified:12 October, 2017 21:09 GMT
Website Operator Notified:12 October, 2017 21:09 GMT
a. Using publicly available security contacts
b. Using Open Bug Bounty notification framework
c. Using security contacts provided by the researcher
Vulnerability Published:

12 October, 2017 21:09 GMT
[without any technical details]

Vulnerability Details

Vulnerable URL:

Mirror: Click here to view the mirror

For Website Operators and Owners

If you are the website owner or operator, please contact the security researcher directly to get the vulnerability details, proceed to remediation and coordinated disclosure.

DISCLAIMER: As a non-profit project, Open Bug Bounty never acts as an intermediary between website owners and security researchers. Our role is strictly limited to independent verification of the reports and proper notification of website owners by all available means. Please refer to about page for further details.


friend-series.com

Latest Vulnerabilities on *.friend-series.com

OBB-ID Reported by Status Reported on
unpatched
12.10.2017


Website Overview

Alexa Global Rank:58426
SSL/TLS Server Test:N/A    
Web Server Security Test:N/A    
Malware Test:Click here
Domain Health Report:Click here

Community Rating

Provided by independent security researchers who reported security issues on this website using coordinated and responsible disclosure:

 
Responsiveness  Indicates how quickly researchers are getting responses to their notifications sent to the website operators.
Security Awareness  Indicates researchers’ view on how smoothly the website operators resolved the reported security issues.
Cooperation and Mutual Respect   Indicates researchers’ perception of positiveness and mutual respect in their communications with the website operators.


LATEST VIP SUBMISSIONS

eduhk.hk
Reported by JT__- Helped patch 54 vulnerabilities
Received 3 Coordinated Disclosure badges
on 24.02.2018
century21.com
Reported by tbm Helped patch 1777 vulnerabilities
Received 7 Coordinated Disclosure badges
Received 3 recommendations
on 24.02.2018
caffeinamagazine.it
Reported by mertcanesen Helped patch 8 vulnerabilities
Received 1 Coordinated Disclosure badges
on 24.02.2018
har.com
Reported by tbm Helped patch 1777 vulnerabilities
Received 7 Coordinated Disclosure badges
Received 3 recommendations
on 24.02.2018
redfin.com
Reported by tbm Helped patch 1777 vulnerabilities
Received 7 Coordinated Disclosure badges
Received 3 recommendations
on 24.02.2018
norma-online.de
Reported by ELProfesor Helped patch 321 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 20 recommendations
on 24.02.2018
ams.at
Reported by ELProfesor Helped patch 321 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 20 recommendations
on 24.02.2018
cv.ee
Reported by ELProfesor Helped patch 321 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 20 recommendations
on 24.02.2018
stj.jus.br
Reported by fubr Helped patch 1323 vulnerabilities
Received 7 Coordinated Disclosure badges
Received 31 recommendations
on 24.02.2018
inria.fr
Reported by ELProfesor Helped patch 321 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 20 recommendations
on 24.02.2018



LATEST SUBMISSIONS

vw-dresden.de
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
vfib-ev.de
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
vicoverzekeringen.nl
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
vrp-multicartes.fr
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
soiree-arthritis.fr
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
exposition-up.fr
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
cea.isen.free.fr
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
kid-style.be
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
cigarette-tabac-belgique.be
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018
cabinet056.be
Reported by Implosion Helped patch 755 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 22 recommendations
on 24.02.2018