Unfixed XSS vulnerability at www.winchesterguns.com

ID XSSED:46715
Type xssed
Reporter skathgh420
Modified 2008-06-08T00:00:00


Security researcher skathgh420, has submitted on 01/08/2008 a cross-site-scripting (XSS) vulnerability affecting www.winchesterguns.com, which at the time of submission ranked 197648 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 06/08/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.winchesterguns.com/results.asp?find=%3Cscript%3Ealert%28%22iBlaze%22%29%3C%2Fscript%3E&Submit.x=0&Submit.y=0&Submit=Submit&category=0