There's a vulnerability in Timberland's search engine. The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized. URL: hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code] Example: hxxp://www.timberland.com/searchHandler/index.jsp?keywords=<script>alert('test');</script> Author: O.G.