Security researcher TurKPoweR, has submitted on 26/04/2009 a cross-site-scripting (XSS) vulnerability affecting en.mcdonalds.fantasy.fifa.com, which at the time of submission ranked 2416 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 26/04/2009 |
Date published: 09/12/2011 |
Fixed? Mail us! | Status: UNFIXED |
Author: TurKPoweR |
Domain: en.mcdonalds.fantasy.fifa.com |
Category: XSS |
Pagerank: 2416 |
URL: http://en.mcdonalds.fantasy.fifa.com/M/stats.mc?stat=leaders&phase=>"><ScRiPt%20%0a%0d>alert(12345,4 252048958)%3B</ScRiPt>&page=2 |
Click here to view the mirror
|
|
|