Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.Referenceshttp://vegadns.org/src/current/CHANGELOGhttp://www.packetstormsecurity.org/0508-exploits/vegadns-dyn0.txthttp://www.securityfocus.com/bid/14538http://secunia.com/advisories/16370
