CVE-2007-3189 Information

Description

Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.

Reference

http://marc.info/?l=full-disclosure&m=118151087109711&w=2 http://secunia.com/advisories/25587 http://secunia.com/advisories/26769 http://www.debian.org/security/2007/dsa-1374 http://www.securityfocus.com/archive/1/471039/100/0/threaded http://www.securityfocus.com/bid/24414