Security researcher XSSLotion, has submitted on 01/12/2008 a cross-site-scripting (XSS) vulnerability affecting search.expedia.com, which at the time of submission ranked 458 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/02/2009. It is currently fixed. |
| Date submitted: 01/12/2008 |
Date published: 16/02/2009 |
Date fixed: 05/02/2010 | Status:  FIXED |
| Author: XSSLotion |
Domain: search.expedia.com |
Category: XSS |
Pagerank: 458 |
|---|
URL: http://search.expedia.com/socialsearch/query?st=1&cn=expedia&cc=www&q=';alert(String.fromCharCode(88
,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";aler |
|
Click here to view the mirror
|
|
|
| 
