Cross site scripting

Cross-site scripting XSS vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages privatemessages.php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...

CVE-2006-0796

CVE-2006-0796 affects Clever Copy 3.0: XSS in default.php that allows remote attackers to inject arbitrary web script/HTML via the Subject field when sending private messages (privatemessages.php). This is caused by insufficient input sanitization in the message Subject parameter. The vulnerabili...