CVE-2006-3842

Description

Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message.

Affected products

• adventnet / zoho_virtual_office3.2_build_3210 – 3.2_build_3210

References

• MISChttp://www.securityfocus.com/archive/1/440417/100/0/threaded
• VENDOR_ADVISORYhttp://secunia.com/advisories/21085
• MISChttp://www.securityfocus.com/bid/19016
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/27818
• MISChttp://securityreason.com/securityalert/1273