Security researcher 0ssi3, has submitted on 11/02/2007 a cross-site-scripting (XSS) vulnerability affecting search.nba.com, which at the time of submission ranked 126 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/02/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 11/02/2007 |
Date published: 12/02/2007 |
Fixed? Mail us! | Status: UNFIXED |
Author: 0ssi3 |
Domain: search.nba.com |
Category: XSS |
Pagerank: 126 |
URL: http://search.nba.com/search/promosearch?sp_a=sp10033e5e&sp_f=ISO-8859-1&sp-t=nba&sp_advanced=&sp_q= XSS%3A%29%3F&x="><script>alert('Zuhaha+0ssi3_TR')</script> |
Click here to view the mirror
|
|
|