CVE-2009-4890
CVE-2009-4890 describes multiple cross-site scripting (XSS) vulnerabilities in the login application of vBook 4.2.17, allowing remote attackers to inject arbitrary script/HTML via the 1) title and 2) message parameters. The affected product is the login component of vBook; the underlying cause is...