Unfixed XSS vulnerability at www.marblehead.org

ID XSSED:10409
Type xssed
Reporter eX0dus
Modified 2007-06-22T00:00:00


Security researcher eX0dus, has submitted on 22/06/2007 a cross-site-scripting (XSS) vulnerability affecting www.marblehead.org, which at the time of submission ranked 1953895 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 22/06/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.marblehead.org/index.asp?nid=-404&badlink=/index.asp?NID=477><script>alert("ex0")</script>