CVE-2006-2228
CVE-2006-2228 affects w-Agora (Web-Agora) 4.2.0 with a cross-site scripting (XSS) flaw: a BBCode tag containing a JavaScript event name followed by whitespace before the = character bypasses the regex intended to remove onmouseover/events, enabling remote script execution. The provided documents ...