Unfixed XSS vulnerability at webrecruit.net

2007-08-23T00:00:00
ID XSSED:14526
Type xssed
Reporter Dr.Optix
Modified 2007-08-24T00:00:00

Description

Security researcher Dr.Optix, has submitted on 23/08/2007 a cross-site-scripting (XSS) vulnerability affecting webrecruit.net, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 24/08/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://webrecruit.net/results-b.jsp?searchTerm=%3Cscript%3Ealert%28%27Dr.Optix+%3A%3A+XSS+%3A%3A+PoC%27%29%3C%2Fscript%3E&x=24&y=9&domainName=webrecruit.net&w=false&afdt=sn0i6vjAoLAKEwinn-bniYyOAhUhshoKHfxIS7UQBBgDIAAwivCgAzgN&searchbox=y