Clario: RXSS on unsubscribe feature (affiliates.kromtech.com)

Summary Reflected Cross-Site Scripting attack on affiliates.kromtech.com domain. The problem in email parameter in /unsubscribe script that takes GET parameter and pass value of this parameter directly to HTML code of the page. Step to reproduce...