CVE-2007-3269

Papoo Light 3.6 before 20070611 is affected by multiple XSS vulnerabilities per CVE-2007-3269: an attacker can inject arbitrary script via (1) the URI in a GET request, (2) the Title field of a visitor comment, and (3) a message to another user. The note mentions that vector (2) might overlap CVE...