Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to 1 rispondi.php and 2 scrivi.php, which is not properly handled in forum.php...