CVE-2009-1408
CVE-2009-1408 affects webSPELL 4.2.0c with a cross-site scripting (XSS) flaw in BBCode handling. The described vulnerability enables remote attackers to inject arbitrary web script or HTML by abusing Javascript events (e.g., onmouseover) inside nested BBCode tags (email, img, url). Multiple sourc...