CVE-2008-3739 Information

Description

Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors possibly involving upload of files containing XSS sequences.

Reference

http://jvn.jp/en/jp/JVN27417220/index.html http://jvn.jp/en/jp/JVN52557009/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000048.html http://secunia.com/advisories/31574 http://secunia.com/advisories/31582 http://wiz.syscon.co.jp/Details.htm http://www.securityfocus.com/bid/30791 http://www.spacetag.jp/modules/products/index.php?id=54 https://exchange.xforce.ibmcloud.com/vulnerabilities/44593