Ok lets say that there is a search feild on a common website addition that people put on their site. This tool does not require you to log on and it is not hosted on the persons server who decides to put this on their site so there is no account information or anything like that. Anyways that search feild is suseptable to XSS, should it be reported to bugtraq you think or is there really no point?