CVE-2002-2350 Information

Description

Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-10/0152.html http://www.iss.net/security_center/static/10337.php