Unfixed XSS vulnerability at assistivetech.net

ID XSSED:27960
Type xssed
Reporter Genocide
Modified 2007-10-12T00:00:00


Security researcher Genocide, has submitted on 07/12/2007 a cross-site-scripting (XSS) vulnerability affecting assistivetech.net, which at the time of submission ranked 1352979 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/12/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://assistivetech.net/search/searchAllSiteSuccess.php?searchTerm=%22%22%3E%3E%3C%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%2FXSS%2F%29%3C%2FSCRIPT%3E&searchsubmit.x=13&searchsubmit.y=6&searchsubmit=Go