U.S. Dept Of Defense: POST XSS - fields[account][firstname] parameter

A cross-site scripting XSS vulnerability was discovered in a parameter named "fieldsaccountfirstname" that was processed via the POST method. The vulnerability allowed the injection of malicious scripts that could be executed when the affected page was loaded. The impact of the vulnerability was...