CVE-2006-6159
CVE-2006-6159 describes multiple cross-site scripting (XSS) vulnerabilities in DeskPRO 2.0.0 and 2.0.1, exploitable via the message or subject parameters in newticket.php. The underlying issue is that remote attackers can inject arbitrary web script or HTML. The CVSS basis is 6.8 (Medium), with n...