Unfixed XSS vulnerability at ssl.omnihotels.com

ID XSSED:37084
Type xssed
Reporter C1c4Tr1Z
Modified 2008-04-30T00:00:00


Security researcher C1c4Tr1Z, has submitted on 29/04/2008 a cross-site-scripting (XSS) vulnerability affecting ssl.omnihotels.com, which at the time of submission ranked 46251 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 30/04/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: https://ssl.omnihotels.com/Omni?Perseus_state=clear&lang_code=%3Cimg+src=.+onerror=alert(/Hacker_Safe??_XSS_by_C1c4Tr1Z/)%3E