Even though this page is static HTML on the server, it still contains a Reflected Cross Site Scripting vulnerability in JavaScript (though page is not vulnerable in all browsers).

This page has been confirmed VULNERABLE in Internet Explorer 7 and NOT VULNERABLE in Firefox 3.0.x.

This form was contributed by MANDIANT