CVE-2005-0919 - Unfree Power

Description

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space which leaves other users vulnerable to cross-site scripting (XSS) attacks.

Reference

http://exploitlabs.com/files/advisories/EXPL-A-2005-003-adventiachat.txt http://securitytracker.com/id?1013588 http://www.securityfocus.com/bid/12927 http://www.securityfocus.com/bid/12940 http://www.osvdb.org/15156 http://marc.info/?l=full-disclosure&m=111211930330410&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/21317