Unfixed XSS vulnerability at www.jackssmallengines.com

ID XSSED:49094
Type xssed
Reporter SaMTHG
Modified 2008-09-20T00:00:00


Security researcher SaMTHG, has submitted on 30/08/2008 a cross-site-scripting (XSS) vulnerability affecting www.jackssmallengines.com, which at the time of submission ranked 98635 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/09/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.jackssmallengines.com/searchresults.cfm?cx=008737122150761418589%3Ac24nnqwh7co&cof=FORID%3A11&q=%22%3E%3Cscript%3Ealert('XSS')%3C%2Fscript%3E&sa.x=0&sa.y=0#212