Reflected XSS in cert.org

One of those sites which should be secure, is cert.org. There was Reflected HTML injection vulnerability from presenting Request URI back to HTML (works only with IE).

more ...