Reflected cross-site scripting vulnerability on a DoD website
High
Vulnerability Details
Hello there !
I'd like to report an 'XSS' vulnerability on a DoD website: https://███/unit/███
In the search engine of the website, please enter the following payload: `<script>alert(document.domain)</script>` (you can even use this payload to steal cookies: `<script>alert(document.cookie)</script>`). Hit enter, then scroll your mouse below the "Term: <script>alert(document.domain)</script>" line to the three icons; as soon as you move your mouse over those three icons you will notice the pop-up.
FOR CLEAR DEMONSTRATION OF THE VULNERABILITY PLEASE REFER TO THE PROOF-OF-CONCEPT ATTACHED TO THIS REPORT.
Thanks,
████
## Impact
XSS vulnerabilities can be used to trick a web user into executing a malicious script, potentially revealing a user's web session information, modifying web content, or even stealing cookies.
Report Stats
- Report ID: 774792
- State: Closed
- Substate: resolved
- Upvotes: 14