CVE-2008-5225
CVE-2008-5225 affects Xerox DocuShare 6 and earlier. The vulnerability is a cross-site scripting (XSS) flaw in the dsweb servlet where unsanitized PATH_INFO is echoed in dynamic HTML, enabling remote injection of script or HTML via the default URI under SearchResults/ and Services/ in dsdn/dsweb/...