Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a 1 P, a 2 STRONG, a 3 A, a 4 EM, a 5 I, a 6 IMG, a 7 LI, an 8 OL, a 9 VIDEO, or a 10 BLOCKQUOTE element...