info
discussion
exploit
solution
references
Geeklog Homepage User Field HTML Injection Vulnerability
There is no exploit required. The following example was submitted:
http://url" onmouseover="alert(document.cookie)
Privacy Statement
Copyright 2010, SecurityFocus