Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 allows remote attackers to inject arbitrary web script or HTML via the (1) term or (2) description.Referenceshttp://seclists.org/lists/fulldisclosure/2005/Apr/0416.htmlhttp://www.securityfocus.com/bid/13254http://www.securiteam.com/unixfocus/5RP0M0AFFS.html
