Unfixed XSS vulnerability at jobs.lowyat.net

2012-01-01T00:00:00
ID XSSED:75274
Type xssed
Reporter Fikri Fadzil
Modified 2012-09-01T00:00:00

Description

Security researcher Fikri Fadzil, has submitted on 01/01/2012 a cross-site-scripting (XSS) vulnerability affecting jobs.lowyat.net, which at the time of submission ranked 3065 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/01/2012. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://jobs.lowyat.net/?s="><script>alert(1)</script><input+type="hidden&location=&x=0&y=0&radius=1