CVE-2009-4521
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter.
Date published : 2009-12-31
http://www.securityfocus.com/bid/36674
http://www.securityfocus.com/archive/1/507172/100/0/threaded