Description of problem:
Similar to bug 1215024, just a different piece of template which is not correctly escaping JSON strings embedded in templates. In this case the problem is user-supplied search strings in the search bars. The problem exists on all grid pages which use the traditional search bar: systems, distros, distro trees, distro families, tasks, jobs, recipes, reserve report. In older Beaker versions this includes other pages too.

Version-Release number of selected component (if applicable):
21.2, but the problem dates back at least to commit 6aa9e505 (Jan 2011) and has probably existed since the search bar was first added.

How reproducible:
easily

Steps to Reproduce:
1. In the search bar's "simplesearch" field, or the value field of an advanced search, enter </script><script>alert('hi') and submit the search.

Actual results:
Alert appears, due to unescaped </script> embedded in a JSON string inside a script on the resulting page.

Expected results:
</script> closing tag should be correctly escaped inside the JSON string so that it's not interpreted as a closing tag by the browser.

Additional info:
The user controlled parameter is read from the URL query string ("reflected XSS" in OWASP parlance) which means it is possible for an attacker to construct a malicious URL containing injected JS and trick a victim into clicking it.
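The root cause described above is that a JSON encoder does not escape "/" (JSON never requires it), so a JSON string dropped verbatim into a <script> block carries "</script>" through to the HTML tokeniser, which closes the element before the JavaScript parser ever sees the string. The following is an added example, not Beaker's code or its actual fix: it shows the unsafe embedding pattern next to a hardened serialiser that escapes "<" as "\u003c" (which also covers the "<!--" sequence), using the search string from the reproduce step above as constructed input. The helper names are hypothetical.

```python
import json
import re

# Constructed sample inputs: the value from the bug's reproduce step,
# a second sequence the HTML tokeniser treats specially, and a benign one.
SAMPLES = [
    "</script><script>alert('hi')",
    "<!-- comment opener",
    "plain search text",
]

SCRIPT_CLOSE = re.compile(r"</script", re.IGNORECASE)


def unsafe_embed(value):
    """The pattern the bug describes: json.dumps() output placed verbatim
    into a <script> element. json.dumps does not escape '/', so a value
    containing '</script>' terminates the element early."""
    return "<script>var search = %s;</script>" % json.dumps(value)


def json_for_script(value):
    """Serialise value as JSON that is safe inside a <script> element.

    The HTML tokeniser runs before the JS parser, so the dangerous
    sequences are '</' (ends the element) and '<!--' (enters the
    script-data escaped state). Replacing every '<' with its JSON escape
    '\\u003c' removes both; the JSON still decodes to the same string.
    ensure_ascii=True additionally escapes U+2028/U+2029, which are line
    terminators in JavaScript but not in JSON.
    """
    return json.dumps(value, ensure_ascii=True).replace("<", "\\u003c")


def safe_embed(value):
    """Hardened counterpart of unsafe_embed()."""
    return "<script>var search = %s;</script>" % json_for_script(value)


def breaks_out(html):
    """Crude stand-in for the browser tokeniser: more than one '</script'
    in the emitted markup means the embedded string closed the element."""
    return len(SCRIPT_CLOSE.findall(html)) > 1


def round_trips(value):
    """True if the hardened encoding still decodes to the original value."""
    return json.loads(json_for_script(value)) == value


if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s))
        print("  unsafe:", unsafe_embed(s), "-> breaks out:", breaks_out(unsafe_embed(s)))
        print("  safe:  ", safe_embed(s), "-> breaks out:", breaks_out(safe_embed(s)))
        print("  round trip ok:", round_trips(s))
```

Escaping at the JSON layer rather than HTML-escaping the whole script body is the right fix here: inside <script> the content is raw text, so HTML entities such as &lt; would reach the JavaScript parser unchanged and break the string, whereas a JSON \u003c escape is invisible to the tokeniser and transparent to JSON.parse.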
http://gerrit.beaker-project.org/4566
Beaker 22.1 has been released.