org.wso2.carbon.registry.search is vulnerable to cross-site scripting. The vulnerability exists in the advancedSearchForm-ajaxprocessor.jsp
due to a lack of encoding request parameters which allows an attacker to inject and execute malicious JavaScript.