Security researcher PaPPy, has submitted on 24/10/2011 a cross-site-scripting (XSS) vulnerability affecting sitereview.cwfservice.net, which at the time of submission ranked 5644664 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 08/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Vulnerable URL: http://sitereview.cwfservice.net/catdesc.jsp?catnum=33&catmap=8&locale=null'); alert('1');"><imgsrc=x onerror=alert(1);>