XSS vulnerability through search results page.
The search query is sent as a GET parameter. Although it is escaped correctly in the HTML form, it is not escaped where it is written into a block of JavaScript, so code supplied in a malicious URL is rendered directly into the page's script:
var pageOptions = {
'pubId' : 'pub-8303766899021786',
'query' : ''};alert(document.cookie);var b = {'bob':' freelance',
'channel' : '6264613588'
};
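The missing step is encoding the query for the JavaScript string context rather than only for HTML. The block below is an added example, not code from the reported site; the function names, the stubbed `alert`/`document` and the sample cookie value are assumptions made for illustration.

```javascript
// Constructed sample: the query value that produces the output shown above.
const SAMPLE_QUERY = "'};alert(document.cookie);var b = {'bob':' freelance";

// Shared template for the inline script block (hypothetical helper).
function renderBlock(queryLiteral) {
  return "var pageOptions = {\n" +
         "'pubId' : 'pub-8303766899021786',\n" +
         "'query' : " + queryLiteral + ",\n" +
         "'channel' : '6264613588'\n" +
         "};";
}

// Pattern described in the report: the raw value is wrapped in quotes, unescaped.
function renderUnsafe(query) {
  return renderBlock("'" + query + "'");
}

// Encode a value as a JavaScript string literal that is safe inside <script>.
// JSON.stringify handles quotes, backslashes and control characters; the extra
// replace keeps "</script>" and "<!--" from ending or altering the script element
// and escapes the U+2028/U+2029 line separators.
function jsStringLiteral(value) {
  return JSON.stringify(String(value)).replace(/[<>&\u2028\u2029]/g,
    c => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

function renderSafe(query) {
  return renderBlock(jsStringLiteral(query));
}

// Evaluate a rendered block with stubbed browser globals and report what ran.
function evaluate(script) {
  const alerts = [];
  const run = new Function('alert', 'document', script + '\nreturn pageOptions;');
  const pageOptions = run(m => alerts.push(m), { cookie: 'session=constructed' });
  return { alerts, query: pageOptions.query };
}

const before = evaluate(renderUnsafe(SAMPLE_QUERY)); // injected statement runs
const after = evaluate(renderSafe(SAMPLE_QUERY));    // value stays a plain string
console.log(before.alerts.length, after.alerts.length, after.query === SAMPLE_QUERY);
```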
Reported Fixed