Unfixed XSS vulnerability at surveycentral.org

ID XSSED:58046
Type xssed
Reporter JonStockton
Modified 2010-06-14T00:00:00


Security researcher JonStockton, has submitted on 11/02/2009 a cross-site-scripting (XSS) vulnerability affecting surveycentral.org, which at the time of submission ranked 323167 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 14/06/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://surveycentral.org/user/%3Cb%20onmouseover=%22alert(1)%22%3EClick%20on%20this%20in%20order%20to%20see%20the%20correct%20match%3C/b%3E)!%3C!---.html