Unfixed XSS vulnerability at www.searchmedica.fr

ID XSSED:51565
Type xssed
Reporter death-angel
Modified 2010-09-04T00:00:00


Security researcher death-angel, has submitted on 06/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.searchmedica.fr, which at the time of submission ranked 451138 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/04/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.searchmedica.fr/search.do?q="%2F><iframe+src%3D"http%3A%2F%2Fwww.xssed.com"%2F>&useraction=search&ss=defLink&c=main&oq="%2F><iframe+src%3D"http%3A%2F%2Fwww.xssed.com"%2F><marquee>xss+death-angel