Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19891
http://secunia.com/advisories/14749