Unfixed XSS vulnerability at www.nrc.nl

2007-10-05T00:00:00
ID XSSED:7033
Type xssed
Reporter A3on
Modified 2007-10-05T00:00:00

Description

Security researcher A3on, has submitted on 10/05/2007 a cross-site-scripting (XSS) vulnerability affecting www.nrc.nl, which at the time of submission ranked 14401 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 10/05/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.nrc.nl/action?action=login&autoInlog=true&goto=http%3A%2F%2Farchief.nrc.nl%2F%3Fmodus%3Ds%26text%3D%5C%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E