CVE-2006-2234
CVE-2006-2234 affects TyroCMS beta 1.0 and discloses multiple XSS vulnerabilities. An attacker can inject arbitrary web script/HTML via: (1) a javascript URI in an img BBCode tag, (2) a JavaScript event in a url BBCode tag, or (3) a color BBCode tag. Root cause: cross-site scripting in user-contr...