Unfixed XSS vulnerability at www.ladyproblems.com

2008-04-24T00:00:00
ID XSSED:36587
Type xssed
Reporter SeeD
Modified 2008-04-25T00:00:00

Description

Security researcher SeeD, has submitted on 24/04/2008 a cross-site-scripting (XSS) vulnerability affecting www.ladyproblems.com, which at the time of submission ranked 2975742 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 25/04/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.ladyproblems.com/%3Cscript%3Ealert%28/xss/%29%3B%3C/script%3E.cfm?pt=2&sp=2&ycs=%2BqWEgB7wUAc%3D&qs=06oENya4ZGJbKUjvjwGtnG1Ko75B8FLYQRAk9dS-0nHqNKQpTrh3EKfbsv629c3WbnGZ9xk6b9nYXwJPdLbmrDnqkBeiWlk9Z0dVvyReKZvWSwrIB-3xojvEb8uC-bdsoUlwc9Kp4m9IBCm7fZ33bHn9i371ixzMHQya_G7M8MZRdCeUuw90mJAWgWH0AJ-efIcC17UnI7AoR5FVuuX9id2GRrit5F3isSFJbTrnKJOx3CjIIgdC790QKUZI-tSL_j0JlFBHf_2kJfWsoAAGO7f4iFiCULAsXJXbNqZ1MQC5sJy6zo,YT0z&vid=1207776773_2X02X835699998&rpt=2&kt=1