CVE-2006-3958 Information

Description

Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system or authenticated users via (2) the Edit Task system (3) the back-end Category Editor system and (4) \Pages that display task status email addresses URL customer and project information.\

Reference

http://secunia.com/advisories/21242 http://www.osvdb.org/27637 http://www.pkrinternet.com/download/RELEASE-NOTES.txt http://www.securityfocus.com/bid/19251 http://www.vupen.com/english/advisories/2006/3058 https://exchange.xforce.ibmcloud.com/vulnerabilities/28178 https://www.pkrinternet.com/taskjitsu/task/3477