CVE-2008-2861

Multiple cross-site scripting XSS vulnerabilities in eLineStudio Site Composer ESC 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 topic and 2 button parameters to ansFAQ.asp and the 3 id and 4 txtEmail parameters to login.asp...