MitakeSearch cross-site scripting vulnerability
Overview MitakeSearch, a fulltext search system from Hewlett-Packard Japan, contains a cross-site scripting vulnerability due to improper validation of input character strings in the ranking CGI script file, ranking.pl. Impact A malicious script may be executed on the user's web browser. Solution...