Unfixed XSS vulnerability at www.parslib.com

2010-11-23T00:00:00
ID XSSED:70867
Type xssed
Reporter P.Daneshmand
Modified 2011-12-13T00:00:00

Description

Security researcher P.Daneshmand, has submitted on 23/11/2010 a cross-site-scripting (XSS) vulnerability affecting www.parslib.com, which at the time of submission ranked 854412 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.parslib.com/web/guest/home?_58_struts_action=/login/create_account&p_p_id=1%3CScRiPt%3Eprompt%28123%29%3C%2fScRiPt%3E&p_p_lifecycle=1&p_p_mode=view&p_p_state=maximized&saveLastPath=0