Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section.Referenceshttp://sourceforge.net/project/shownotes.php?release_id=91877http://www.iss.net/security_center/static/9280.phphttp://archives.neohapsis.com/archives/bugtraq/2002-06/0034.htmlhttp://www.securityfocus.com/bid/4952
