CVE-2007-3078 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php.

Reference

http://osvdb.org/36897 http://osvdb.org/36898 http://secunia.com/advisories/25503 http://sourceforge.net/project/shownotes.php?group_id=109910&release_id=512595 http://sourceforge.net/tracker/index.php?func=detail&aid=1725317&group_id=109910&atid=657107 http://www.securityfocus.com/bid/24264 https://exchange.xforce.ibmcloud.com/vulnerabilities/34665