Hacker Team called "n0caReTeAm" discovered Cross site Scripting Vulnerability in lot of high profile sites and Government sites including music.com, SecurityXploded.com. (SecurityXploded is a popular Infosec Research & Development portal.)
Music.com,techspot.com, games.com and some other High profile sites are vulnerable to XSS. Hackers also found XSS Vulnerabilities in South Africa, US, Nigeria ,France government sites.
Hackers exposed the Vulnerability in pastebin:
http://pastebin.com/QtG79hcw
http://pastebin.com/fbUjMccb
The Poc for SecurityXploded is here:
http://securityxploded.com/download-ebook.php?download_ url=http://goo.gl/Uvk6N& bookid=9278104617&hash_tag= 5adcb2d1488ecbb2e7c3af3a92c285 ca5984bc21&b_data= aHR0cDovL3d3dy40c2hhcmVkLmNvbS 9vZmZpY2UvSHZ1UTZhZGkvWFNTX0F0 dGFja3NfLV9Dcm9zc19TaXRlX1Njcm lwLmh0bQ==&b_title=%22%3E% 3Cscript%3Ealert%28String. fromCharCode%28110,%2048,% 2099,%2097,%2082,%20101,%2084, %20101,%2065,%20109,%2032,% 2088,%20115,%20115%29%29%3C/ script%3E
