CVE-2008-5399 Information

Description

Cross-site scripting (XSS) vulnerability in the listonlineusers (aka \Who’s online) component in mvnForum before 1.2.1 GA allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Reference

http://osvdb.org/50403 http://secunia.com/advisories/32931 http://security.bkis.vn/?p=286 http://securityreason.com/securityalert/4699 http://www.mvnforum.com/mvnforum/viewthread_thread4361 http://www.securityfocus.com/archive/1/498872/100/0/threaded http://www.securityfocus.com/bid/32605