Maluc

**Name of the Vulnerable Software and Affected Versions** Google Search Appliance (affected versions not specified) Google Mini (affected versions not specified) **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded `q` parameter. **Recommendations** For Google Search Appliance, avoid using the `q` parameter with UTF-7 encoding until a fix is available. For Google Mini, avoid using the `q` parameter with UTF-7 encoding until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.