Fixed XSS vulnerability at www.vpnwars.com

2009-05-23T00:00:00
ID XSSED:61013
Type xssed
Reporter m4x
Modified 2009-05-23T00:00:00

Description

Security researcher m4x, has submitted on 23/05/2009 a cross-site-scripting (XSS) vulnerability affecting www.vpnwars.com, which at the time of submission ranked 256383 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 23/05/2009. It is currently fixed.

Vulnerable URL: http://www.vpnwars.com/meteor/vpn/meteorstore/earn_credits/?offer_type=all&current_page=3%22%3E%3Cscript%3Edocument.write(%27%3Cfont%20size=%227%22%20color=%22red%22%3E%3Cmarquee%3EXSS%20BY%20M4X%3C/marquee%3E%3C/font%3E%27);alert(%22xss%20by%20m4x%22);%3C/script%3E&ajax=true