Fixed XSS vulnerability at maxim.resultspage.com

2007-07-08T00:00:00
ID XSSED:13424
Type xssed
Reporter Darkster
Modified 2007-08-08T00:00:00

Description

Security researcher Darkster, has submitted on 07/08/2007 a cross-site-scripting (XSS) vulnerability affecting maxim.resultspage.com, which at the time of submission ranked 8984 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 08/08/2007. It is currently fixed.

Vulnerable URL: http://maxim.resultspage.com/search?SESSID=6c623b3a37172bc2b3fa7c3902703290&w=%22%3E%3C%2Ftitle%3E%3C%2Fscript%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E+%22onmouseover%3D%22alert%281%29%22+onmouseover%3Dalert%281%29&x=16&y=9