GraFa
GraFa copied to clipboard
XSS vulnerability
Raw user content is included into the results page, leading to potential issues with XSS for keyword queries like:
1"><script>alert(150)</script>
A quick solution (not requiring code changes) is to use the following guide: http://www.servletsuite.com/servlets/xssflt.htm