HashOver Cross-Site Scripting Vulnerability
HashOver is a free and open source PHP-based commenting system. A cross-site scripting vulnerability exists in HashOver version 2.0, which stems from the program's failure to adequately filter user data submitted to the 'hashover/scripts/widget-output.php' URL. A remote attacker could exploit thi...