CVE-2005-0878
MercuryBoard before 1.1.3 is affected by CVE-2005-0878: an XSS flaw in the title field of private messages that lets remote attackers inject arbitrary script/HTML. Root cause: insufficient input sanitization in the PM title. Impact: could compromise user sessions or integrity of rendered pages as...