CVE-2006-2632 Information

Description

Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions.

Reference

http://secunia.com/advisories/20304 http://securityreason.com/securityalert/968 http://sourceforge.net/forum/forum.php?forum_id=576219 http://sourceforge.net/project/shownotes.php?release_id=420549&group_id=90199 http://www.securityfocus.com/archive/1/435135/100/0/threaded http://www.securityfocus.com/bid/18136 http://www.vupen.com/english/advisories/2006/2033 https://exchange.xforce.ibmcloud.com/vulnerabilities/26704