CVE-2010-4659

StatusNet (open-source PHP-based micro-blogging platform) contains a cross-site scripting (XSS) vulnerability in error message contents up through 2010. The root cause is insufficient validation of client-side data by the web application, enabling an attacker to execute client-side code via craft...