CVE-2007-4265
VisionProject 3.1 and earlier suffer multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via specific parameters: projectIssueId (EditProjectIssue.do), projectId (ProjectSelected.do), folderId (ProjectDocuments.do), and sortField ...