Security researcher Narcoticxs, has submitted on 18/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.energystar.gov, which at the time of submission ranked 70635 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 19/09/2007. It is currently fixed. |
Date submitted: 18/09/2007 |
Date published: 19/09/2007 |
Date fixed: 15/01/2008 | Status: FIXED |
Author: Narcoticxs |
Domain: www.energystar.gov |
Category: XSS |
Pagerank: 70635 |
URL: http://www.energystar.gov/index.cfm?fuseaction=search.showResults&output=xml_no_dtd&oe=UTF-8&ie=UTF- 8&q="><script>alert(document.cookie)</script>><marquee><h1>By+Narcoticxs</h1></marquee> |
Click here to view the mirror
|
|
|