Youku open platform storage type XSS script attack vulnerability success hijacking the background-bug warning-the black bar safety net

Youku open platform in the“Create an application”feature of the plurality of fields, not from the client to submit the variables into the database, the output of the safety of the escape process. http://open.youku.com/app/create ! Lead can be directly stepped into the background. Vulnerability...