| 
 
| Security researcher XSSLotion, has submitted on 01/12/2008 a cross-site-scripting (XSS) vulnerability affecting search.expedia.com, which at the time of submission ranked 458 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2009. It is currently fixed.
 |  
              | Date submitted: 01/12/2008 | Date published: 16/02/2009 | Date fixed: 05/02/2010 | Status:  FIXED |  
| Author: XSSLotion | Domain: search.expedia.com | Category: XSS | Pagerank: 458 | 
|---|
 
 
| URL: http://search.expedia.com/socialsearch/query?st=1&cn=expedia&cc=www&q=';alert(String.fromCharCode(88 ,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";aler
 |  
| Click here to view the mirror |  
|  |  |