Unfixed XSS vulnerability at www.nihrc.org

ID XSSED:64762
Type xssed
Reporter Phreakaz0id
Modified 2011-12-20T00:00:00


Security researcher Phreakaz0id, has submitted on 09/10/2009 a cross-site-scripting (XSS) vulnerability affecting www.nihrc.org, which at the time of submission ranked 5900917 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.nihrc.org/index.php?zoom_query=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&x=0&y=0&page=search&Itemid=2&zoom_per_page=10&zoom_and=0&zoom_sort=0