Unfixed XSS vulnerability at www.ebreggae.com

2009-05-27T00:00:00
ID XSSED:61164
Type xssed
Reporter tenest
Modified 2010-07-18T00:00:00

Description

Security researcher tenest, has submitted on 27/05/2009 a cross-site-scripting (XSS) vulnerability affecting www.ebreggae.com, which at the time of submission ranked 424386 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 18/07/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.ebreggae.com/Home.asp?FFID=24411391&X3CQ2=none&X3LE=&X3AID=&X3AAN=&X3QT=NewSearch&X3SO=&X3A=%22%3E%3Cscript%3Ealert(%27xssed%27)%3C/script%3E&X3F=ALL&X3R=ALL&X3RY=ALL&X3L=ALL&X3TA=a&X3AZ=1&X3LR=a&X3TL=a&submit2.x=0&submit2.y=0&X3LEL3=&X3AIDL3=&X3AANL3=&X3QTL3=NewReleases7Days&X3AL3=&X3FL3=&X3RL3=&X3RYL3=&X3LL3=&X3LRL3=&X3SR=1&X3P=1&X3PQ=&X3CARTCQ=no&ChkSFTxt=&RADBTxt=7&NROTxt=&SSFTxt=&SSSTxt=