Unfixed XSS vulnerability at home.lebspy.com

2009-09-05T00:00:00
ID XSSED:60450
Type xssed
Reporter Edgard Chammas [454447415244]
Modified 2011-09-12T00:00:00

Description

Security researcher Edgard Chammas [454447415244], has submitted on 09/05/2009 a cross-site-scripting (XSS) vulnerability affecting home.lebspy.com, which at the time of submission ranked 595218 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://home.lebspy.com/fakemailer/sendmail.php?msg=%3CIFRAME%20WIDTH=960%20HEIGHT=400%20SRC=//google.com%3E