Unfixed XSS vulnerability at www.ud.net.au

2010-09-10T00:00:00
ID XSSED:69696
Type xssed
Reporter SeeMe
Modified 2011-12-20T00:00:00

Description

Security researcher SeeMe, has submitted on 09/10/2010 a cross-site-scripting (XSS) vulnerability affecting www.ud.net.au, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.ud.net.au/WebResource.axd?d=CTFL97y67h8B81gqmYb3ZA2&%3Cscript%3Ealert%28%27ASP.NET%20Padding%20Oracle%20Variable%20To%20Xss%27+document.cookie%29%3C/script%3E;t=633317928228455727