Unfixed XSS vulnerability at codici.wapka.mobi

2011-12-20T00:00:00
ID XSSED:74770
Type xssed
Reporter Snypter Dhruv
Modified 2011-12-21T00:00:00

Description

Security researcher Snypter Dhruv, has submitted on 20/12/2011 a cross-site-scripting (XSS) vulnerability affecting codici.wapka.mobi, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 21/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://codici.wapka.mobi/search.xhtml?PHPSESSID=be8d9c00f7b9670e8661b9acff1ec2a5&hladany_vyraz=%22%3E%3Cscript%3Ealert%28%2FXssed+by+Snypter%2F%29%3C%2Fscript%3E&spid=4178373&sph=764f2efbbb5e491cac41397ffa804532