Team INTRA discovered the XSS vulnerability in iPetitions website. Unfortunately it is Persistent type, permanent storage of malicious script. iPetitions Provides free petition creation and database tools. Petitions can be hosted for free at iPetitions, or the tools can be easily integrated with an existing site.
Vulnerability Information:
- Type: XSS(Persistent)
- Alert: Critical
- site:http://www.ipetitions.com
- Demo: http://www.ipetitions.com/petition/danuk/
- Status : Unfixed
Also they discovered the XSS vulnerability in CyberGhost VPN site.
