I know these XSS vulns are kind of easy to find and they usually come off as "so easy a monkey could do it", but i thought i'd throw this one out there...
http://track.dhl-usa.com//atrknav.asp?shipmentNumber= <script>alert('test')</script> sincerely, a monkey.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
