CVE-2006-6892 Information

Description

Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable.

Reference

http://secunia.com/advisories/23484 http://www.ovbb.org/forums/thread.php?threadid=185 http://www.vupen.com/english/advisories/2007/0039