Fixed XSS vulnerability at www.saratoga-springs.org

2009-03-26T00:00:00
ID XSSED:59123
Type xssed
Reporter bho
Modified 2009-05-27T00:00:00

Description

Security researcher bho, has submitted on 26/03/2009 a cross-site-scripting (XSS) vulnerability affecting www.saratoga-springs.org, which at the time of submission ranked 1939305 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/05/2009. It is currently fixed.

Vulnerable URL: http://www.saratoga-springs.org/docs/XSCLayoutListView.asp?SS=%3Cscript%3Ealert(%27XSS%20by%20bho%27);document.body.innerHTML=%27XSS%20by%20bho%27;%3C/script%3E&submit=GO&ID=SEARCH