Unfixed XSS vulnerability at www.sicilynews.com

2007-01-05T00:00:00
ID XSSED:6817
Type xssed
Reporter Scr34M
Modified 2007-02-05T00:00:00

Description

Security researcher Scr34M, has submitted on 01/05/2007 a cross-site-scripting (XSS) vulnerability affecting www.sicilynews.com, which at the time of submission ranked 9050122 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 02/05/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.sicilynews.com/search-news.cfm?keys=%22%3E%22%3E%3Cscript%3Ealert(%22Scr34M%22);%3C/script%3E&op=and