Security Vulnerabilities Reported


XSS vulnerability through search form.

The search query is sent as a GET parameter and is not escaped when rendered back in various places on the page, including the heading shown below, this allows code to be rendered directly from a malicious URL.

 <span class="localizedTextKey" data-key="WeCouldNotFindAnyResultsFor">
  We could not find any results for

Reported Fixed