CVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service.
Date published : 2006-09-24
http://www.securityfocus.com/archive/1/446414/100/0/threaded