Unfixed XSS vulnerability at www.marthastewart.com

2007-09-21T00:00:00
ID XSSED:18445
Type xssed
Reporter Johnjuan728
Modified 2007-09-24T00:00:00

Description

Security researcher Johnjuan728, has submitted on 21/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.marthastewart.com, which at the time of submission ranked 8852 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 24/09/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.marthastewart.com/portal/site/mslo/menuitem.e28a2ad6d3341f8836eb9e2bd373a0a0?vgnextoid=42cacf380e1dd010VgnVCM1000005b09a00aRCRD&rsc=search_header&autonomy_kw=%3Cscript%3Ealert%28%22XSS+found+by+Johnjuan728%22%29%3C%2Fscript%3E&x=375&y=52