Unfixed XSS vulnerability at search2.openobjects.com

2007-06-14T00:00:00
ID XSSED:10013
Type xssed
Reporter Stuarty
Modified 2007-06-14T00:00:00

Description

Security researcher Stuarty, has submitted on 14/06/2007 a cross-site-scripting (XSS) vulnerability affecting search2.openobjects.com, which at the time of submission ranked 49740 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 14/06/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://search2.openobjects.com/kbroker/metoffice/metoffice/search/search.lsim?&ha=%22%3C/script%3E%3Cscript%3Ealert('By%20-%20Stuarty');%3C/script%3E%3C/a%3E