Unfixed XSS vulnerability at buscador.laverdad.es

ID XSSED:29781
Type xssed
Reporter n0b0dy
Modified 2007-12-23T00:00:00


Security researcher n0b0dy, has submitted on 21/12/2007 a cross-site-scripting (XSS) vulnerability affecting buscador.laverdad.es, which at the time of submission ranked 12956 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 23/12/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://buscador.laverdad.es/search.php?as_qt=w&as_q=%22%3E%3Ch1%3EXss%20by%20n0b0dy%3C%2Fh1%3E%3Ciframe%20src=http://xssed.com%3E&as_eqt=w&as_eq=&as_dt=i&as_sitesearch=&lr=&num=10&btnG2=Comen