Security researcher TreX, has submitted on 21/12/2007 a cross-site-scripting (XSS) vulnerability affecting www.simonsays.com, which at the time of submission ranked 44172 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 08/01/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Vulnerable URL: http://www.simonsays.com/content/ene/search.cfm?N=0&Ntk=ALL&Nty=1&Ntx=mode%2Bmatchallpartial&Ns=P_FORMATSORTGROUP|0||CP_PUBDATEGAP|0&Nr=AND(Subsite%3ASimonSays%2CCP_IDENTIFIER%3ATITLES)&D=how+to+rig+an+election&Ntt=how+to+rig+an+election&Dn=23424&x=12&y="><script>alert(βTreXβ)</script>