Lucene search

K
xssedCueballrXSSED:34474
HistoryMar 24, 2008 - 12:00 a.m.

Fixed XSS vulnerability at www.preisroboter.de

2008-03-2400:00:00
cueballr
www.xssed.com
3

Security researcher cueballr, has submitted on 24/03/2008 a cross-site-scripting (XSS) vulnerability affecting www.preisroboter.de, which at the time of submission ranked 8387 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 26/03/2008. It is currently fixed.

Vulnerable URL: http://www.preisroboter.de/search.php?search=<script>alert('cueballr')<%2Fscript>&x=0&y=0&min=&max=