CVE 2014-2235
Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
See the 
CVE page on Mitre.org
for more details.
