Unfixed XSS vulnerability at www.free-888.com

ID XSSED:57020
Type xssed
Reporter Viper.aT
Modified 2009-01-30T00:00:00


Security researcher Viper.aT, has submitted on 16/01/2009 a cross-site-scripting (XSS) vulnerability affecting www.free-888.com, which at the time of submission ranked 3515204 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 30/01/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.free-888.com/de/registration.htm?brand=poker&lang=de&s=853375832250136156&sr=465390&flag=0000&bc=0&anid=0&ic=0&gid=1%27%22%3E%3Cscript%3Ealert(%27XSS%20by%20Viper.aT%27)%3C/script%3E%3Ch1%3EXSSED%3C/h1%3E&rg=0