info
discussion
exploit
solution
references
Bit 5 Blog AddComment.PHP HTML Injection Vulnerability
An exploit is not required.
The following proof of concept is available:
<a href=javascript:alert(123)>clickme</a>
Privacy Statement
Copyright 2010, SecurityFocus
