XSS vulnerabilities

A scan was run on our blogs site, and it showed several XSS vulnerabilities (unsanitized get variables). I can't find anything in the Wordpress (3.2.1) core that would allow this, so I suspect it's a theme issue.

Here are some examples:
15. Vulnerable (High, HARM: 320) at: http://blogs.*****.***/management/?paged=3&CENZIC_DUMMY_PARAM

Message:

Cross-site scripting vulnerability found
Injected item: GET: CENZIC_DUMMY_PARAM
Injection value: --><script>alert(13180346.47567)</script>
Detection value: 13180346.47567
This is a reflected XSS vulnerability, detected in an alert that was an immediate response to the injection.

Cross-Site Scripting

16. Vulnerable (High, HARM: 320) at: http://blogs.*****.***/management/?paged=3

Message:

Cross-site scripting vulnerability found
Injected item: GET: paged
Injection value: --><script>alert(13180346.47577)</script>
Detection value: 13180346.47577
This is a reflected XSS vulnerability, detected in an alert that was an immediate response to the injection.

Cross-Site Scripting