New eVuln Advisory: email XSS in SimpLISTic

Summary: http://evuln.com/vulns/145/summary.html
Details: http://evuln.com/vulns/145/description.html

-----------Summary-----------
eVuln ID: EV0145
Software: SimpLISTic
Vendor: Mrcgiguy
Version: 2.0
Critical Level: low
Type: Cross Site Scripting
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )

--------Description--------
An XSS vulnerability was found in the email.cgi script. The 'email' parameter is not properly sanitized: it passes through a filter, but not an XSS filter, so any user can add an email address containing special code. The "List addresses" page in the Admin panel is vulnerable.

--------PoC/Exploit--------
Example of XSS email

XSS PoC code for SimpLISTic is available.

XSS Email: email@website.com

---------Solution----------
Available at http://evuln.com/vulns/145/solution.html

----------Credit-----------
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/xss/ - recent xss vulns.
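The flaw the advisory describes is a filter that checks that an address is present but does not stop markup around it, combined with an admin page that echoes the stored value unescaped. The following is an added illustration (not SimpLISTic's code, nor eVuln's PoC); the function names, regexes and sample inputs are constructed for the example, and it shows the two fixes a defender wants together: strict whole-string validation at intake and HTML-escaping at output.

```python
import html
import re

# Loose check of the kind the advisory describes: it only requires that
# "something@something.tld" appears somewhere in the value, so markup
# wrapped around a valid address slips through untouched.
LOOSE_EMAIL = re.compile(r"[^@\s]+@[^@\s]+\.[A-Za-z]{2,}")

# Strict pattern anchored at both ends and limited to characters that
# belong in a plain mailbox address, so '<', '>', '"' and spaces never pass.
STRICT_EMAIL = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def weak_accepts(value: str) -> bool:
    """Mirror of the flawed filter: accepts if an address appears anywhere."""
    return LOOSE_EMAIL.search(value) is not None


def strict_accepts(value: str) -> bool:
    """Hardened filter: the whole value must be a plain address."""
    return STRICT_EMAIL.fullmatch(value) is not None


def render_row_vulnerable(value: str) -> str:
    """Admin list row built by string concatenation: stored markup is
    emitted as-is, which is how the stored XSS reaches the admin."""
    return f"<li>{value}</li>"


def render_row_safe(value: str) -> str:
    """Admin list row with output encoding: any markup in the stored value
    is rendered as literal text, even if validation was bypassed."""
    return f"<li>{html.escape(value, quote=True)}</li>"


def store_address(value: str, store: list) -> bool:
    """Hardened intake for the subscribe form: reject anything that is not
    a plain address before it ever reaches the admin list. Returns True
    when the address was stored."""
    if not strict_accepts(value):
        return False
    store.append(value)
    return True
```

Validation and output encoding are independent controls; keep both, since the escape in render_row_safe still protects the admin page if a later code path stores an address without going through store_address.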