CVE-2007-3910

Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote attackers to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs.

Date published : 2007-07-19

http://www.securityfocus.com/bid/25094

http://www.portcullis-security.com/182.php