CVE-2007-2880
Digirez 3.4 has multiple cross-site scripting (XSS) vulnerabilities that enable remote attackers to inject arbitrary web script or HTML via (1) the Room_name parameter in room/info_book.asp and (2) the curYear parameter in room/week.asp. Root cause: insufficient input sanitization leading to scri...