Cross-Site Scripting through search form on mtnplay.co.zm
Low
Vulnerability Details
## Summary:
There is an XSS vulnerability that can be triggered through a search form on mtnplay.co.zm.
## Steps To Reproduce:
1. Navigate to http://www.mtnplay.co.zm/smart/jqm.aspx
2. Click on the search button (or go to this link: http://www.mtnplay.co.zm/smart/jqm.aspx?event=search&mnu=search&ctrlid=92)
3. Click on the filter button
4. The XSS can be triggered in any field of that form by inputting a JavaScript payload (Track/Album/Artist)
## Demonstration:
https://www.youtube.com/watch?v=doLHsUqnvgE
## Impact
Malicious JavaScript code can be injected into the application.
Report Stats
- Report ID: 761573
- State: Closed
- Substate: resolved
- Upvotes: 38
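
An added example, not part of the original report and not the site's code: a hypothetical rendering of the Track/Album/Artist filter form in JavaScript, showing submitted values echoed into markup unencoded beside the same form with output encoding applied. It assumes the values are reflected into `value` attributes; the function names and the sample input are constructed for illustration.

```javascript
// Hypothetical handler code for illustration; not taken from mtnplay.co.zm.
const FIELDS = ["Track", "Album", "Artist"]; // filter fields named in the report

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: submitted values are concatenated into the markup as-is,
// so a quote or angle bracket in the input ends the attribute and starts new markup.
function renderFilterUnsafe(query) {
  return FIELDS.map((f) => `<input name="${f}" value="${query[f] ?? ""}">`).join("\n");
}

// Hardened pattern: every reflected value is encoded at the point of output,
// so it stays inside the quoted attribute whatever characters it contains.
function renderFilterSafe(query) {
  return FIELDS.map((f) => `<input name="${f}" value="${escapeHtml(query[f] ?? "")}">`).join("\n");
}

// Crude check: count the opening tags an HTML parser would see in the output.
function countOpeningTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

// Constructed sample input: a harmless markup probe plus ordinary values
// that contain characters needing encoding.
const sample = {
  Track: '"><b>probe</b>',
  Album: "Greatest & Latest",
  Artist: "O'Neil",
};

console.log(renderFilterUnsafe(sample)); // 4 opening tags: the probe became markup
console.log(renderFilterSafe(sample));   // 3 opening tags: only the form's own inputs
```

Ordinary values such as `O'Neil` still display correctly after encoding, because the browser decodes the entities when it renders the attribute.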