CVE-2007-1177 Information

Description

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string (2) Profiles (3) the Forum Post icon field (4) the Edit Profile and (5) the Gallery which has unknown impact and remote attack vectors possibly related to cross-site scripting (XSS).

Reference

http://osvdb.org/33277 http://osvdb.org/33283 http://osvdb.org/33286 http://osvdb.org/33287 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250