CVE-2009-4848
ToutVirtual VirtualIQ Pro 3.2 (build 7882) and 3.5 (build 8691) contain multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML via the following parameters: (1) userId in tvserver/server/user/setPermissions.jsp, (2) deptName in...