I was going through SourceForge for downloading PyDev Plugin and I encountered CrossSiteScripting vulnerability in certain domains which is hosted by SourceForge. I am including the links which has the vulnerability,preventive measures and also I am sending mails to the host.
I am reporting this issue as a matter of my personal interest and also for a better and safe Web.
Also I swear that I did not cause any havoc to the site and I am reporting this privately and have not disclosed it publicly.
Please refer to,
I hope that you read it and take preventive measures to avoid this attack.
I repeat these are not *potential* but proved attacks which has ability even in taking control of the server.
Do reply to this mail address.
Awaiting your response.
Nishaanth Guna aka gameFace22