Security researcher holisticinfosec, has submitted on 25/03/2008 a cross-site-scripting (XSS) vulnerability affecting bluefly.com, which at the time of submission ranked 7399 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/04/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 25/03/2008 |
Date published: 12/04/2008 |
Fixed? Mail us! | Status:  UNFIXED |
URL: http://bluefly.com/pages/search/results.jsp;jsessionid=HobzrIuDooFLT816iLxdtGnDM7WKJS0Yi2cxSAoDccvh1
uMrkUyV!-893005850!app19.l3.bluefly.com!7005!7002?cmSrch=true&Ne=500000&Ntk=all&Ntx=mode+matchallpar
tial&N=933&Ntt=test&FOLDER%3C%3Efolder_id=%22%3E%3Cmarquee%3E%3Ch%31%3EThis_site_is_NOT_Hacker_Safe%
3C%2Fh%31%3E%3C%2Fmarquee%3E&inicat=933 |
|
Click here to view the mirror
|
|
|
| 
