Security researcher InSecurity.Ro, has submitted on 08/10/2010 a cross-site-scripting (XSS) vulnerability affecting adspecs.yahoo.es, which at the time of submission ranked 4 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 08/10/2010 |
Date published: 20/12/2011 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: InSecurity.Ro |
Domain: adspecs.yahoo.es |
Category: XSS |
Pagerank: 4 |
|---|
URL: http://adspecs.yahoo.es/wp-content/plugins/spectacular/ajax.php?ys_action=addtocart&cb=0%2E536317165
7806182&pgid=4205&prop=1%3C/title%3E%3CScRiPt%20%0d%0a%3Ealert(document.cookie)%3B%3C/ScRiPt%3E |
|
Click here to view the mirror
|
|
|
| 
