Unfixed XSS vulnerability at admin.he.net

2007-04-15T00:00:00
ID XSSED:6134
Type xssed
Reporter bill
Modified 2007-04-16T00:00:00

Description

Security researcher bill, has submitted on 15/04/2007 a cross-site-scripting (XSS) vulnerability affecting admin.he.net, which at the time of submission ranked 22376 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/04/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: https://admin.he.net/index.cgi?user=&auth=&menu=main&account=%3Cscript%3Ealert%280%29%3C%2Fscript%3E