Security researcher parad0x, has submitted on 25/11/2007 a cross-site-scripting (XSS) vulnerability affecting www.nba.com, which at the time of submission ranked 258 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 29/11/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 25/11/2007 |
Date published: 29/11/2007 |
Fixed? Mail us! | Status: UNFIXED |
Author: parad0x |
Domain: www.nba.com |
Category: XSS |
Pagerank: 258 |
URL: http://www.nba.com/rm/login.jsp?fan=true&dest=%22%3E%3Cscript%3Ealert('parad0x')%3C/script%3E |
Click here to view the mirror
|
|
|