A week before i reported an XSS vulnerability inside stumbleupon, I promised to disclose the vulnerability details once it gets fixed. Recently i received an email from stumbleUpon. They told that they have fixed the vulnerability and they would like me to test it again if it’s still vulnerable to the Cross site Scritping (XSS) attack. I tested the parameter and did not find any potential XSS inside it. The above parameter was vulnerable to a reflected cross site scripting attack, however now it’s fixed and i don’t see the issue any more.”]
Source: http://www.rafayhackingarticles.net/2012/10/stumbleupon-fixes-xss-vulnerability.html