LibAnalytics Springshare Cross Site Scripting

`# Exploit Title: LibAnalytics Springshare Cross Site Scripting  
# Date: 6.02.2012  
# Author: Sony  
# Software Link: http://springshare.com/libanalytics/  
# Web Browser: Mozilla Firefox  
# Blog: http://st2tea.blogspot.com  
# PoC:  
http://st2tea.blogspot.com/2012/02/libanalytics-springshare-cross-site.html  
..................................................................  
  
Well, we have xss in the login.php [Email]  
  
Our xss code:  
  
http://codepad.org/LqL68vIQ  
  
Demo:  
  
https://libanalytics.com/login.php?iid=1  
  
http://4.bp.blogspot.com/-ePC-0-sNf3w/TzAIyKXliNI/AAAAAAAAAa8/nBT7z8kPV2Y/s1600/an.JPG  
  
Also..we can see who use LibAnalytics:  
  
https://libanalytics.com/login.php?iid=1  
https://libanalytics.com/login.php?iid=2  
https://libanalytics.com/login.php?iid=3  
https://libanalytics.com/login.php?iid=4  
..  
https://libanalytics.com/login.php?iid=100  
https://libanalytics.com/login.php?iid=103  
etc..  
..................................................................  
  
InSecurity.Ro  
  
Because we care, we're security aware!  
`