Unfixed XSS vulnerability at local.virtualchestercounty.com

2007-05-14T00:00:00
ID XSSED:7212
Type xssed
Reporter MaXWeL
Modified 2007-05-15T00:00:00

Description

Security researcher MaXWeL, has submitted on 14/05/2007 a cross-site-scripting (XSS) vulnerability affecting local.virtualchestercounty.com, which at the time of submission ranked 2357446 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 15/05/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://local.virtualchestercounty.com/utilities/popup_calendar.cfm?formName="><script>alert("Cyber-Warrior.org")</script>