Unfixed XSS vulnerability at mrchildren.jpn.org

2007-10-22T00:00:00
ID XSSED:23862
Type xssed
Reporter kusomiso.com
Modified 2007-04-11T00:00:00

Description

Security researcher kusomiso.com, has submitted on 22/10/2007 a cross-site-scripting (XSS) vulnerability affecting mrchildren.jpn.org, which at the time of submission ranked 3544 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/11/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://mrchildren.jpn.org/mr/test/ir.cgi/%22%3E'%3E%3CIFRAME%20SRC=javascript:alert('kusomiso.com');%3E%3C/IFRAME%3E