PHPReactor 1.2.7 - Style Attribute HTML Injection

source: https://www.securityfocus.com/bid/5569/info phpReactor does not sufficiently sanitize HTML from various fields such as in the body of a message or in profile fields. It is possible to inject arbitrary HTML and script code into these fields. An attacker may potentially exploit this situati...