Adobe Experience suffers from a reflected cross site scripting vulnerability. The author contacted Adobe back in August but the issue is still not resolved so they are releasing details in hopes that Adobe will address the issue. Note that this finding houses site-specific data. Update on 01/21/2013: Adobe PSIRT has resolved the issue and the author has confirmed that this was indeed fixed.
b7ad16292219d69d31c0817f287d4e50149c4bdbd887e0e0e7282fad6aa95478