Public CVE-2007-4478 disclosure

Cross-site scripting (XSS) vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter.