Last night, I found an open redirector on the usa.gov site, which was being used in Google links to spread malware. I fired off an email to the usa.gov Webmaster explaining the problem. This morning I got a very nice email reply saying they'd verified the problem and fixed it; the redirector now does referrer checking and refuses to redirect for non-local requests. Checked it out, and sure enough, it was fixed.
Woot! They had a patched script up within hours. Who says the government is always slow and inefficient?