Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Email, (2) Title, or (3) Description fields.Referenceshttp://echo.or.id/adv/adv14-theday-2005.txthttp://marc.info/?l=bugtraq&m=111773586701991&w=2
