Unfixed XSS vulnerability at offf.miur.it

2009-01-23T00:00:00
ID XSSED:57296
Type xssed
Reporter hanicker
Modified 2010-07-07T00:00:00

Description

Security researcher hanicker, has submitted on 23/01/2009 a cross-site-scripting (XSS) vulnerability affecting offf.miur.it, which at the time of submission ranked 76632 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 07/07/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://offf.miur.it/advanced.html?lingua=it&tpl=offf&laureePrimoLivello=0&laureeSecondoLivello=1&_aree=on&aree=2&_aree=on&_aree=on&_aree=on&classi=&citta=&universita=&facolta=&anniAccademici=2008&espressioneParoleChiave=infor%27%22%3E%3Cscript%3Ealert(123)%3C/script%3Ematica&Invia=Cerca