CVE-2012-3869
CVE-2012-3869 (Redaxo XSS) : A cross-site scripting vulnerability exists in Redaxo 4.3.x and 4.4 where input passed via the subpage parameter to index.php (when page is set to user or template) is not properly sanitized, allowing remote attackers to inject arbitrary HTML/JavaScript. Exploitation ...