Unfixed XSS vulnerability at www.leprevert-nozay.com

2009-06-05T00:00:00
ID XSSED:60344
Type xssed
Reporter Mystick
Modified 2010-06-14T00:00:00

Description

Security researcher Mystick, has submitted on 06/05/2009 a cross-site-scripting (XSS) vulnerability affecting www.leprevert-nozay.com, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 14/06/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.leprevert-nozay.com/recherche.php?q=%27%22%3E%3Cmarquee%3E%3Cimg+src%3Dk.png+onerror%3Dalert(%2FXSS%2F.source)+%2F%3E