CVE-2007-4281 Information

Description

Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page and other unspecified vectors.

Reference

http://osvdb.org/36579 http://secunia.com/advisories/26333 http://sourceforge.net/forum/forum.php?forum_id=722865 http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851 http://support.ktdms.com/browse/KTS-2178 http://www.securityfocus.com/bid/25231 http://www.vupen.com/english/advisories/2007/2812