Unfixed XSS vulnerability at www.acr.ch

2009-07-28T00:00:00
ID XSSED:63144
Type xssed
Reporter modakabam
Modified 2010-11-21T00:00:00

Description

Security researcher modakabam, has submitted on 28/07/2009 a cross-site-scripting (XSS) vulnerability affecting www.acr.ch, which at the time of submission ranked 273251 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 21/11/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.acr.ch/shop/index.php?sid=1248784367487096324&itemno=ZE-NC510&aid="><script>alert(document.cookies)</script>