Security researcher Mystick, has submitted on 08/04/2009 a cross-site-scripting (XSS) vulnerability affecting forecast.weather.gov, which at the time of submission ranked 1257 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 08/05/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 08/04/2009 |
Date published: 08/05/2009 |
Fixed? Mail us! | Status: UNFIXED |
Author: Mystick |
Domain: forecast.weather.gov |
Category: XSS |
Pagerank: 1257 |
URL: http://forecast.weather.gov/wwamap/wwatxtget.php?cwa=usa&wwa=%22%3E%3Cmarquee%3E%3Cimg%20src=k.png%2 0onerror=alert(/XSS/.source)%20/%3E |
Click here to view the mirror
|
|
|