Unfixed XSS vulnerability at new1.yoqoounion.com

2007-12-05T00:00:00
ID XSSED:7130
Type xssed
Reporter s0m.ph
Modified 2007-12-05T00:00:00

Description

Security researcher s0m.ph, has submitted on 12/05/2007 a cross-site-scripting (XSS) vulnerability affecting new1.yoqoounion.com, which at the time of submission ranked 42104 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/05/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://new1.yoqoounion.com/adscode/shipin/468-60.asp?from=3120&goto=21&typeid=17&PN=a6931d70ed324876428780a01a8def5b&urls=http://www.mmxxdd.com/category.php?categ=%22%3E%3Cscript%3Ealert(%22s0m.ph%22);%3C/script%3E&gotourl=http://www.youku.com/&u2name=yoqoo