Report Email Alerts Open Bug Bounty: 204,727 coordinated disclosures
Total Vulnerabilities Fixed: 97,261
187,305 vulnerable websites, 17,681 VIP websites
4,575 security researchers, 5,906 notification subscribers

Open Bug Bounty ID

OBB-49260

booking.com Security Vulnerability

On the 16.09.2014 security researcher xsscrapy disclosed XSS vulnerability affecting booking.com website.

On our side, we have notified website owner via all reasonable communication channels about the vulnerability, so it can be patched as quickly as possible.

Currently the vulnerability is patched and does not represent any security risk for the website or its visitors.

Vulnerability Details


booking.com Description

Booking.com: 536,544 hotels worldwide. 37+ million hotel reviews. Big savings on hotels in 65,000 destinations worldwide. Browse hotel reviews and find the guaranteed best price on hotels for all budgets.

Vulnerable URL:

Other details:

Patched:Yes, at 18.09.2014
Latest check for patch:18.09.2014 11:20 GMT
Vulnerability type:XSS
Vulnerability status:Publicly disclosed
Alexa Rank95
Google Pagerank7
VIP website status:Yes
Check booking.com for malware:Click here
Check booking.com SSL connection:Click here (Grade: A+) Refresh Results

Mirror: Click here to view the mirror

Coordinated Disclosure Timeline

Vulnerability reported16 September, 2014 11:27 GMT
Vulnerability existence verified and confirmed 16 September, 2014 19:51 GMT

User Comments:

Please login via twitter to be the first one to comment.


Latest Vulnerabilities on *.booking.com

OBB-ID Reported by Status Reported on
On Hold
01.12.2017
patched
03.09.2017
patched
12.05.2017
unpatched
16.03.2017
patched
18.01.2017
unpatched
13.01.2017
unpatched
10.01.2017
patched
29.06.2015
patched
16.09.2014

Latest Vulnerabilities Reported by xsscrapy

OBB-ID Vulnerability Status Reported
patched
16.09.2014
unpatched
16.09.2014
unpatched
16.09.2014
patched
16.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
11.09.2014
unpatched
11.09.2014
patched
11.09.2014
unpatched
11.09.2014
patched
11.09.2014
patched
11.09.2014
patched
09.09.2014
unpatched
09.09.2014


LATEST VIP SUBMISSIONS

avocatnet.ro
Reported by JOSEFOX Helped patch 2 vulnerabilities
Received 0 Coordinated Disclosure badges
on 19.01.2018
maserati.com
Reported by deb_security Helped patch 358 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 18 recommendations
on 19.01.2018
ilgiardinodeilibri.it
Reported by deb_security Helped patch 358 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 18 recommendations
on 19.01.2018
product.co.jp
Reported by deb_security Helped patch 358 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 18 recommendations
on 19.01.2018
eurobabeindex.com
Reported by deb_security Helped patch 358 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 18 recommendations
on 19.01.2018
ja.shenyun.com
Reported by AndreCalvinho Helped patch 226 vulnerabilities
Received 4 Coordinated Disclosure badges
Received 16 recommendations
on 19.01.2018
onthesnow.com
Reported by Random_Robbie Helped patch 2025 vulnerabilities
Received 8 Coordinated Disclosure badges
Received 35 recommendations
on 19.01.2018
camping1402.rssing.com
Reported by OmniGooch Helped patch 1814 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 8 recommendations
on 19.01.2018
milorad.rssing.com
Reported by OmniGooch Helped patch 1814 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 8 recommendations
on 19.01.2018
supernovabling26678.rssing.com
Reported by OmniGooch Helped patch 1814 vulnerabilities
Received 5 Coordinated Disclosure badges
Received 8 recommendations
on 19.01.2018



LATEST SUBMISSIONS

hdvidzpro.pro
Reported by NitishDubey Helped patch 158 vulnerabilities
Received 3 Coordinated Disclosure badges
on 19.01.2018
allpsychologyschools.com
Reported by fV Helped patch 34 vulnerabilities
Received 2 Coordinated Disclosure badges
on 19.01.2018
megaopt24.ru
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
25thframe.co.uk
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
asrebazi.com
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
onlinemoviesonweb.com
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
doh.wa.gov
Reported by fV Helped patch 34 vulnerabilities
Received 2 Coordinated Disclosure badges
on 19.01.2018
traditional-odb.org
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
efilmesonline.com.br
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018
itworldcanada.com
Reported by huntingforbug Helped patch 78 vulnerabilities
Received 3 Coordinated Disclosure badges
Received 7 recommendations
on 19.01.2018