
PUBLIC MARKS from bacon with tags maior & multiple

February 2007

December 2006

xoops multiple vulnerabilities, update xoops 2.0.16 or higher

secunia advisory: sa17300. release date: 2005-10-25. last update: 2005-11-08. critical: moderately critical. impact: security bypass, cross site scripting, dos. where: from remote. solution status: vendor patch. software: xoops 2.x. description: some vulnerabilities have been reported in xoops, which can be exploited by malicious people to conduct script insertion attacks, cause a dos (denial of service), and to bypass certain security restrictions. 1) input passed to certain "xoops code" tags isn't properly sanitised before being returned to the user. this can be exploited to execute arbitrary html and script code in a user's browser session in context of an affected site. 2) certain input passed to the "newbb" forum module and to the comments system isn't properly sanitised before being returned to the user. this can be exploited to execute
