CVE-2008-0426 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name (2) headline or (3) text field in a message.

Reference

http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/ http://secunia.com/advisories/28605 http://www.securityfocus.com/archive/1/486796/100/0/threaded http://www.securityfocus.com/bid/27386 https://exchange.xforce.ibmcloud.com/vulnerabilities/39832