CVE-2006-6159 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) message or (2) subject parameter.

Reference

http://secunia.com/advisories/22991 http://www.osvdb.org/30671 http://www.securityfocus.com/bid/21248 http://www.vupen.com/english/advisories/2006/4676 http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/30520