Unfixed XSS vulnerability at www.shorox.com

2007-09-20T00:00:00
ID XSSED:18351
Type xssed
Reporter Wild.D3f4c3r
Modified 2007-09-24T00:00:00

Description

Security researcher Wild.D3f4c3r, has submitted on 20/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.shorox.com, which at the time of submission ranked 285805 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 24/09/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.shorox.com/go/?query=%3Cscript%3Ealert('%54%68%69%73%20%53%69%74%65%20%48%61%63%6b%65%64%20%42%79%20%49%72%61%6e%20%42%6f%79%73%20%48%61%63%6b%69%6e%67%20%54%45%41%4d%20%2d%2d%57%69%6c%64%2e%64%33%66%34%63%33%72%20%57%61%73%20%48%65%72%65')%3C/script%3E&search=1