CVE-2005-3688 Information

Description

Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the \Your Current Mood\ field in the registration page.

Reference

http://irannetjob.com/content/view/163/28/ http://secunia.com/advisories/17642 http://securitytracker.com/id?1015237 http://www.securityfocus.com/archive/1/417078/30/0/threaded http://www.securityfocus.com/bid/15489 http://www.vupen.com/english/advisories/2005/2488