CVE-2009-4890 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the (1) title and (2) message parameters.

Reference

http://www.securityfocus.com/archive/1/501603/100/0/threaded http://www.securityfocus.com/bid/34046 https://exchange.xforce.ibmcloud.com/vulnerabilities/49161