A cross site scripting vunerability has been discovered in CJ linkout version 1.x. CJ linkout is a free product which allows you to easily let users connect to a different site with a frame at the top which links back to your site. The vulnerability report can be found at http://secunia.com/advisories/16970/ .