CVE-2006-3521 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in index/siteforge-bugs-action/proj.siteforge in SiteForge Collaborative Development Platform 1.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) _status (2) _extra1 (3) _extra2 or (4) _extra3 parameters.

Reference

http://pridels0.blogspot.com/2006/06/siteforge-collaborative-development_15.html https://exchange.xforce.ibmcloud.com/vulnerabilities/27223