Lucene search

K
xssedA.D.TXSSED:8057
HistoryMay 20, 2007 - 12:00 a.m.

Unfixed XSS vulnerability at www.letsgo.ch

2007-05-2000:00:00
A.D.T
www.xssed.com
14

Security researcher A.D.T, has submitted on 20/05/2007 a cross-site-scripting (XSS) vulnerability affecting www.letsgo.ch, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/05/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.letsgo.ch/site/index.cfm?fuseaction=home.noArticle&id_trying_art=<body onload=alert(/a.d.t/)>&vsprache=DE&CFID=7548995&CFTOKEN=10803808

References