Cross Site Scripting (XSS) vulnerability in Justice Systems FullCourt Enterprise v.8.2 allows a remote malicious user to execute arbitrary code via the formatCaseNumber parameter of the Citation search function.