Reflected HTML Injection via contact (faq) search parameter on ██████████
Medium
Mars
Team Summary
Official summary from Mars
A reflected HTML injection vulnerability is reported on the ████████. The vulnerability is identified in the contact (faq) search parameter. When a specific HTML payload is entered into this parameter, it is reflected back in the response without proper sanitization. This allows for the execution of arbitrary HTML and potentially malicious script code in the context of other users' web browsers. The vulnerability is demonstrated through a proof-of-concept video that has been included in the report.
Reported by: the-white-evil
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
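The summary above describes a search parameter reflected into the response without encoding. The following is an added example, not code from the report or from the affected site: a hypothetical FAQ search template rendered with and without output encoding, plus a regression check that parses the response and flags any element or attribute the template itself did not emit. The template, function names and sample inputs are assumptions constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Hypothetical FAQ search template; the real page's markup is not shown in the report.
TEMPLATE = (
    '<form action="/contact/faq"><input name="search" value="{value}"></form>'
    "<h2>Results for {text}</h2>"
)
EXPECTED_TAGS = ["form", "input", "h2"]        # elements the template emits
EXPECTED_ATTRS = ["action", "name", "value"]   # attributes the template emits


def render_unsafe(search: str) -> str:
    """The 'before' case: the parameter is reflected verbatim."""
    return TEMPLATE.format(value=search, text=search)


def render_safe(search: str) -> str:
    """Encode on output; quote=True also covers the quoted attribute value."""
    encoded = html.escape(search, quote=True)
    return TEMPLATE.format(value=encoded, text=encoded)


class _Collector(HTMLParser):
    """Records every start tag and attribute name seen in a response."""

    def __init__(self):
        super().__init__()
        self.tags, self.attrs = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(name for name, _ in attrs)


def injected_markup(page: str) -> bool:
    """True if the page holds elements or attributes the template did not emit."""
    parser = _Collector()
    parser.feed(page)
    parser.close()
    return parser.tags != EXPECTED_TAGS or sorted(parser.attrs) != EXPECTED_ATTRS


# Constructed inputs: one element injection, one attribute break-out.
SAMPLES = ["<h1>injected</h1>", '" data-injected="']

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), injected_markup(render_unsafe(s)), injected_markup(render_safe(s)))
```

Comparing the parsed structure against the template's own tag and attribute list catches both reflection contexts (element body and attribute value), which a plain substring search for `<` would miss in the attribute case.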