CVE-2006-2808
CVE-2006-2808 is a cross-site scripting vulnerability in Lycos Tripod htmlGEAR guestGEAR (Guest Gear). An attacker can inject arbitrary script via a guestbook post containing a javascript URI in the SRC attribute of a BR element after an extra "iframe" tagname and a double ">", potentially byp...