Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4612)