CVE-2007-5727
CVE-2007-5727 describes an incomplete blacklist vulnerability in OneOrZero Helpdesk (common.php, stripScripts) that allows remote XSS via the description parameter to tcreate.php or tupdate.php (e.g., using an onmouseover event in a tag). Affected versions include 1.6.5.4 and 1.6.4.2, with poten...