CVE-2006-2885

Multiple cross-site scripting XSS vulnerabilities in KnowledgeTree Open Source 3.0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 fDocumentId parameter in view.php and the 2 fSearchableText parameter in /search/simpleSearch.php...

CVE-2006-2885

KnowledgeTree Open Source prior to or including 3.0.3 is affected by XSS vulnerabilities in view.php (fDocumentId) and /search/simpleSearch.php (fSearchableText). The root cause is insufficient input validation/escaping enabling remote injection of arbitrary web scripts or HTML. Impact: attackers...