It's possible to compromise a client by inserting JavaScript into the query URL.
vulners.com/securityvulns/securityvulns:doc:4373
vulners.com/securityvulns/securityvulns:doc:877