ScareCrow Multiple Cross-Site Scripting Vulnerabilities

ScareCrow Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

The following proof of concept URI are available:
http://www.example.com/forum.cgi?forum=[XSS]
http://www.example.com/profile.cgi?action=view&user=[XSS]
http://www.example.com/post.cgi?action=new&forum=[XSS]