http://admin.proonline.group (gifts.mail.ru shop operator) admin panel blind XSS
State Resolved (Closed)
Disclosed publicly 2018-10-11T14:56:19.856Z
Reported To
Weakness Information Disclosure
Bounty
Collapse

Summary by w2w

Blind XSS in http://admin.proonline.group
Proonline is not operated or owned by Mail.Ru Group, but it runs an online shop which hosts Mail.Ru branded gift shop gifts.mail.ru. Proonline does not have any privileged/additional access to Mail.Ru network or user's data. Gifts.mail.ru is not advertised to Mail.Ru users and is mostly used by Mail.Ru stuff.

Timeline
submitted a report to Mail.Ru .
2018-04-11T21:20:50.501Z

Regards,
Frans

  • 0 attachments:
w2w Activities::Comment
2018-04-11T21:28:45.358Z


sergeybelove Activities::Comment
2018-04-11T21:43:03.056Z


3apa3a Activities::BugTriaged
2018-04-11T21:47:15.877Z


3apa3a Activities::Comment
2018-04-11T22:36:32.615Z


w2w Activities::Comment
2018-04-12T08:12:19.120Z


w2w Activities::Comment
2018-04-12T08:17:31.085Z


Activities::NotEligibleForBounty
2018-04-26T16:14:19.533Z


kpebetka Activities::BugResolved
2018-04-26T16:14:38.883Z


3apa3a Activities::ChangedScope
2018-06-21T19:53:38.096Z


3apa3a Activities::ReportTitleUpdated
2018-06-21T20:44:19.045Z


3apa3a Activities::ReportTitleUpdated
2018-06-21T20:44:45.593Z


yngwie Activities::Comment
2018-10-10T11:50:40.811Z


w2w Activities::AgreedOnGoingPublic
2018-10-11T14:16:24.635Z


3apa3a Activities::AgreedOnGoingPublic
2018-10-11T14:56:19.803Z


3apa3a Activities::ReportBecamePublic
2018-10-11T14:56:19.881Z