CVE-2006-4975 Information

Description

Yahoo! Messenger for WAP permits saving messages that contain JavaScript which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service.

Reference

http://advisories.echo.or.id/adv/adv47-theday-2006.txt http://securityreason.com/securityalert/1626 http://www.securityfocus.com/archive/1/446414/100/0/threaded