[infrastructure] OSFA: : XSS vulnerability in search results page on opensourceforamerica.org

Drew Jensen drewjensen.inbox at gmail.com
Wed Oct 7 14:05:52 CDT 2009
Terri Molini wrote:
> Here is an email sent to us via webmaster at opensourceforamerica.org.
>
> Could someone please respond to Reed and see if he wants to help or is 
> just sending out a note.
>
> thanks,
> terri
> Greetings,
>
> The search results page on opensourceforamerica.org suffers from an  
> XSS vulnerability.
>
> http://opensourceforamerica.org/Search?q="><script>alert('xss');</script>
>
> Just figured I'd drop you a short note to let you know of the issue so
> you can hopefully fix it. Let me know if you need any more information
> on this particular issue or XSS in general. :)
>
> ~reed
>
>   

Hi,

Found an entry in the ofBiz issue tracker on this:

http://issues.apache.org/jira/browse/OFBIZ-260

Shows the issue as fixed/closed Feb of this year.

Drew
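
The reported query begins with `">`, which suggests the `q` value is echoed inside a double-quoted HTML attribute; that is an assumption, since the page's markup is not shown in the thread. The following is an added example, not code from the site or from OFBiz, with hypothetical function names and an assumed form template, showing an unencoded render next to an encoded one and a check that tells them apart:

```javascript
// Added illustration; renderSearchUnsafe/renderSearchSafe are hypothetical
// names, and the form markup is an assumed shape, not the site's template.

// Encode the characters that are significant in HTML text and quoted attributes.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Before: the query is concatenated into the attribute and the heading as-is.
function renderSearchUnsafe(q) {
  return `<form action="/Search"><input name="q" value="${q}"></form>` +
         `<h2>Results for ${q}</h2>`;
}

// After: the same template with the query encoded at each output point.
function renderSearchSafe(q) {
  const safe = escapeHtml(q);
  return `<form action="/Search"><input name="q" value="${safe}"></form>` +
         `<h2>Results for ${safe}</h2>`;
}

// Regression check: true if the rendered page contains a live script tag.
// The templates above emit none themselves, so any hit came from the query.
function reflectsMarkup(html) {
  return /<script\b/i.test(html);
}

// The query value from the report, as the server sees it after URL decoding.
const reported = `"><script>alert('xss');</script>`;

console.log("unsafe render reflects markup:", reflectsMarkup(renderSearchUnsafe(reported)));
console.log("safe render reflects markup:  ", reflectsMarkup(renderSearchSafe(reported)));
console.log(renderSearchSafe(reported));
```

A check like `reflectsMarkup` can be kept as a regression test against the search page so the encoding is not lost in a later template change.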


