MTN Group: XSS at http://nextapps.mtnonline.com/search/suggest/q/{xss payload}

PoC http://nextapps.mtnonline.com/search/suggest/q/xss1337 Symbols are no filtered that alloweds to inject HTML code. Response has content-type: text/html F1353600 Impact XSS at nextapps.mtnonline.com...