CVE-2010-4772

Cross-site scripting XSS vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php...