CVE-2008-6637 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters.

Reference

http://osvdb.org/45646 http://secunia.com/advisories/30363 http://www.digitrustgroup.com/advisories/web-application-security-safari-montage.html http://www.securityfocus.com/bid/29343 http://www.vupen.com/english/advisories/2008/1652 https://exchange.xforce.ibmcloud.com/vulnerabilities/42598