CVE-2007-1848
CVE-2007-1848 describes a cross-site scripting (XSS) flaw in Drake CMS where the admin/classes/ui.dta.php script fails to properly sanitize the desc[][title] input, allowing remote attackers to inject arbitrary web-script or HTML. The issue is associated with Drake CMS’s beta release; the vendor ...