CVE-2005-2042

Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags.

Date published : 2005-06-22

http://www.securityfocus.com/bid/13986

http://sourceforge.net/project/shownotes.php?release_id=335556