Unfixed XSS vulnerability at www.cs.tufts.edu

ID XSSED:15002
Type xssed
Reporter MEFISTO
Modified 2007-08-30T00:00:00


Security researcher MEFISTO, has submitted on 28/08/2007 a cross-site-scripting (XSS) vulnerability affecting www.cs.tufts.edu, which at the time of submission ranked 18775 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 30/08/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.cs.tufts.edu/comp/150NET/notes/logging.php?include=<script>alert('MEFISTO');</script>