CVE-2009-4320 Information

Description

Cross-site scripting (XSS) vulnerability in searchform.php in The Next Generation of Genealogy Sitebuilding (TNG) 7.1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Reference

http://secunia.com/advisories/37711 http://www.exploit-db.com/exploits/10387 https://exchange.xforce.ibmcloud.com/vulnerabilities/54726