Keeping an XSS-prone version to your website still allows abusing, like the following:

http://old.net.eu.org/index.php?p=%3C/title%3E%3Cmeta%20http...

Fix it ASAP if you don't want to be associated with any fault caused by attackers.