Security Vulnerabilities Reported


XSS vulnerability through search results page.

The search query is sent as a GET parameter and is not completely escaped when presented back to the user. This allows code to be rendered directly from a malicious URL.

<div class="showing"> No results found for '<img src=>'. Please try another search term. </div>

Reported Fixed