CVE-2006-6928 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) listmain.asp or (b) searchmain.asp the (2) the Keyword parameter to (c) searchkey.asp or the (3) refno parameter to (d) forminfo.asp.

Reference

http://secunia.com/advisories/23049 http://securityreason.com/securityalert/2143 http://www.securityfocus.com/archive/1/452112/100/0/threaded http://www.securityfocus.com/bid/21191 http://www.vupen.com/english/advisories/2006/4630 https://exchange.xforce.ibmcloud.com/vulnerabilities/30425