Tuesday, April 9, 2013

XSS Vulnerability on Microsoft Security Response Center, found by Moroccan Researcher

  • Nauman Ashraf
  • A young Moroccan security researcher discovered an XSS (cross-site scripting) flaw on the Microsoft Security Response Center (MSRC) website. The Microsoft security team fixed the vulnerability immediately after it was reported.
    POC Screen Shot:

    The security researcher told The Hackers Post that he reported the XSS flaw to Microsoft. He received an immediate response with appreciation, and they fixed the vulnerability.
    "Microsoft Security Team immediately patched the XSS flaw which was reported by me. I have reported many other vulnerabilities which are not fixed yet!"
    [#] - Vulnerability Type: XSS (Cross Site Scripting)

    [#] - Vendor homepage: http://www.microsoft.com

    [#] - Tested on: Windows 7 64 bit Firefox browser (but should have worked on other OS and browsers (not sure about IE))

    [#] - Vulnerability Status: FIXED [Critical]

    [#] - Found By: Omary Lhoussine

    [#] - Vulnerable link (POC): http://www.microsoft.com/security/msrc/report/disclosure.aspx#" onload="alert(document.cookie)

    An XSS vulnerability can cause several kinds of damage, such as embedding JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to affect the user. A basic guide on the topic of Cross Site Scripting (XSS) can be found here.

    The security researcher is also listed on the Microsoft Security Acknowledgement page.
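
The PoC link puts a double quote and an `onload` attribute in the URL fragment, which suggests the page copied the fragment into a quoted HTML attribute without encoding it. The following is an added example, not code from Microsoft's site or from the researcher: it shows that concatenation beside an attribute-encoded version and checks the resulting tag for injected event handlers. The `<body data-section="...">` markup and all function names are hypothetical.

```javascript
// Added example: a constructed model of the pattern the PoC suggests.
// Assumption: the URL fragment ended up inside a double-quoted attribute.

// Fragment from the PoC link in the article (everything after '#').
const POC_FRAGMENT = '" onload="alert(document.cookie)';

// Vulnerable form: raw concatenation into an attribute value.
function renderUnsafe(fragment) {
  return '<body data-section="' + fragment + '">';
}

// Encode the characters that are significant inside a quoted attribute.
function escapeAttr(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened form: same markup, value encoded for the attribute context.
function renderSafe(fragment) {
  return '<body data-section="' + escapeAttr(fragment) + '">';
}

// Minimal tokenizer for one start tag: returns its attribute names.
function attributeNames(tag) {
  const re = /\s([^\s"'<>\/=]+)(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'=<>`]+))?/g;
  const names = [];
  let m;
  while ((m = re.exec(tag)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Check: any attribute starting with "on" is an event handler that the
// template author did not write, so it must have come from the input.
function eventHandlers(tag) {
  return attributeNames(tag).filter((n) => n.startsWith('on'));
}

console.log(renderUnsafe(POC_FRAGMENT), eventHandlers(renderUnsafe(POC_FRAGMENT)));
console.log(renderSafe(POC_FRAGMENT), eventHandlers(renderSafe(POC_FRAGMENT)));
```

In browser code, setting the value with `element.setAttribute` or `textContent` avoids building markup strings from `location.hash` at all.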
