CVE-2008-0284
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
Date published : 2008-01-15
http://www.securityfocus.com/bid/27218
http://www.securityfocus.com/archive/1/486074/100/0/threaded