If yes, then "probably" it's exploitable.
As you can see in https://code.google.com/p/domxsswiki/wiki/TheReferrerSource,
IE allows several characters like " > < ' in the query string,
so you'll probably need to set up an attacker page like:
www.attacker.ltd/page.php?blah'"><iframe/onload=alert(1)>
content:
<iframe src='http://yourwww/page.do'></iframe>
or something like that, that points to the flawed page.
Let me know if it works...
Cheers
Stefano
--
Stefano Di Paola
Chief Technology Officer, Lead Auditor ISO 27001
Minded Security - Application Security Consulting
Cell: +39 3209495590
Email: stefano.dipaola [at] mindedsecurity.com
Minded Security S.r.l.
Via Duca D'Aosta, n.20 50129 Firenze (FI)
www.mindedsecurity.com
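Added example, not part of the original message: a sketch of the kind of page code the referrer source affects, next to a hardened form. The function names and the "Back" link are assumptions, and the referrer is passed in as a string (in a page it would be document.referrer) so the code also runs outside a browser.

```javascript
// Hypothetical page code, added for illustration; not taken from the thread.

// Constructed sample: the referrer as IE would send it, with ' " > < left
// unencoded in the query string (the URL is the one quoted in the message).
const SAMPLE_REFERRER =
  "http://www.attacker.ltd/page.php?blah'\"><iframe/onload=alert(1)>";

// Flawed pattern: the referrer is concatenated straight into markup,
// so a quote in it ends the attribute and the rest is parsed as HTML.
function buildBackLinkUnsafe(referrer) {
  return "<a href='" + referrer + "'>Back</a>";
}

// Escape the characters that can close an attribute value or open a tag.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened pattern: parse the referrer, accept only http(s), and emit the
// normalised URL escaped for the attribute context. Returns "" when rejected.
function buildBackLinkSafe(referrer) {
  let url;
  try {
    url = new URL(referrer);
  } catch (e) {
    return ""; // empty or malformed referrer: render nothing
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return ""; // e.g. javascript: or data: URLs
  }
  return "<a href='" + escapeHtml(url.href) + "'>Back</a>";
}
```

In a browser, assigning the validated value with setAttribute("href", ...) or textContent avoids building markup from the referrer at all.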