Unfixed XSS vulnerability at app.tjrj.jus.br

2011-12-22T00:00:00
ID XSSED:74944
Type xssed
Reporter NetFuzzer
Modified 2011-12-23T00:00:00

Description

Security researcher NetFuzzer, has submitted on 22/12/2011 a cross-site-scripting (XSS) vulnerability affecting app.tjrj.jus.br, which at the time of submission ranked 14985 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 23/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://app.tjrj.jus.br/portal/seguranca/passoSeguro.jsp?SISTEMA=Di%C3%A1rio%20da%20Justi%C3%A7a%20Eletr%C3%B4nico&URLREDIREC=javascript:alert(document.cookie)