CVE-2007-5985
CVE-2007-5985: Multiple XSS vulnerabilities in BtiTracker prior to 1.4.5 allow remote attackers to inject arbitrary script/HTML via unspecified vectors to account.php, moresmiles.php, recover.php, or via the to parameter in usercp.php. The NVD entry confirms the same description, with a base scor...