Unfixed XSS vulnerability at search-ext.sri.com

2007-09-29T00:00:00
ID XSSED:20455
Type xssed
Reporter Dr.Optix
Modified 2007-04-10T00:00:00

Description

Security researcher Dr.Optix, has submitted on 29/09/2007 a cross-site-scripting (XSS) vulnerability affecting search-ext.sri.com, which at the time of submission ranked 153917 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/10/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://search-ext.sri.com/search?q=%22%3E%3Cscript%3Ealert%28%22XSSed+by+Dr.Optix%22%29%3C%2Fscript%3E&btnG=Google+Search&entqr=0&output=xml_no_dtd&sort=date%3AD%3AL%3Ad1&ie=UTF-8&btnG.y=0&client=default_frontend&btnG.x=0&ud=1&site=default_collection&oe=UTF-8&proxystylesheet=default_frontend