CVE-2006-0857 Information

Description

Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox as demonstrated using a SCRIPT element.

Reference

http://www.securityfocus.com/archive/1/425388/100/0/threaded http://www.securityfocus.com/bid/16719 https://exchange.xforce.ibmcloud.com/vulnerabilities/24815