CVE-2006-2167
CVE-2006-2167 describes a cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, potentially in register.php. The flaw allows remote attackers to inject arbitrary web script or HTML by setting the username field to contain JavaScript in the SRC attribute of an IMG element. The affe...