CVE-2009-1070
CVE-2009-1070 affects ExpressionEngine CMS. The vulnerability is a Cross-Site Scripting (XSS) in system/index.php, exploitable via the avatar parameter, affecting ExpressionEngine 1.6.4 through 1.6.6 (and possibly earlier versions). The available connected documents confirm the vulnerability vect...