Title: Mapquest.com Cross-Site scripting vulnerability
Provided by: cm` cmthemc[at]yahoo.com
----------------

 Mapquest.com is an online mapping system that provides both maps and driving directions to a location inputted by a   user. Unfortunately their website suffers from a Cross Site scripting vulnerability that could allow an attacker to luer an unsuspecting victim into a javascript trap.

-----------------
Impact: Medium
-----------------

Analysis:
  - By forming a carefully crafted URL a remote attacker has the ability to perform cross site scripting on the mapquest.com website. The main file mapquest uses to search is db for directions suffers from limited bounds checking while parsing a url that allows an attacker to enter in javascript and HTML code.

Example:
 http://www.mapquest.com/directions/main.adp?go=1&do=nw&2ex=1&src=maps&ct=NA&1y=US&1a=%3Cscript%3Ealert%28%27please+contact+cmthemc@yahoo.com+for+any+further+info%27%29%3B%3C%2Fscript%3E&1p=&1c=gainesville&1s=fl&1z=&1ah=&2a=1+N+Main+St&2s=FL&2c=Gainesville&2ic=31&2ex=1&2g=cYqEnQwjKv4%253d&2y=US&2z=32601-5323&2l=%252fTDXcswSWqE%253d&lr=2&x=0&y=0

-----------------
Vendor Status:
-----------------

 08/13/2003 - info@mapquest.com notified
 08/15/2003 - Public Disclosure