CVE-2007-3918

Cross-site scripting (XSS) vulnerability in account/verify.php in GForge 4.6b2 allows remote attackers to inject arbitrary web script or HTML via the confirm_hash parameter.

Date published : 2007-10-05

http://www.securityfocus.com/bid/25923

http://gforge.org/scm/viewvc.php/trunk/gforge/www/account/verify.php?root=gforge&r1=5967&r2=6092