Unfixed XSS vulnerability at www.americasarmy.com

ID XSSED:45608
Type xssed
Reporter TurKPoweR
Modified 2009-10-06T00:00:00


Security researcher TurKPoweR, has submitted on 17/07/2008 a cross-site-scripting (XSS) vulnerability affecting www.americasarmy.com, which at the time of submission ranked 27779 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/06/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.americasarmy.com/realheroes/index.php?id="><script>alert('HACKED%20By%20TurKPoweR')</script><h1>Defaced%20By%20TurKPoweR</h1>='%22%3E%3Ciframe%20src=http://xssed.com%3E