XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected