CVE-2012-1979

Cross-site scripting XSS vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter aka Email address field in an edituser configuration action...