GoDaddy vulnerable to cross-site scripting attacks