Unfixed XSS vulnerability at www.jdsports.co.uk

ID XSSED:71585
Type xssed
Reporter trv
Modified 2011-11-12T00:00:00


Security researcher trv, has submitted on 08/01/2011 a cross-site-scripting (XSS) vulnerability affecting www.jdsports.co.uk, which at the time of submission ranked 27154 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.jdsports.co.uk/webapp/wcs/stores/servlet/CatalogSearchResultView?freeText=sarette%22%3E%3Ciframe+src%3D%22http%3A%2F%2Fxssed.com%22%3E