CVE-2006-6148 - Chanceful Beings
Description
Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName (2) lURL (3) lImage and (4) lDescription parameters. NOTE: some of these details are obtained from third party information.
Reference
http://www.frsirt.com/english/reference-2006-4664-1.php http://www.securityfocus.com/bid/21226 http://securitytracker.com/id?1017280 http://secunia.com/advisories/23063 http://securityreason.com/securityalert/1924 http://www.vupen.com/english/advisories/2006/4664 https://exchange.xforce.ibmcloud.com/vulnerabilities/30465 http://www.securityfocus.com/archive/1/452265/100/0/threaded