Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) before and (2) ct parameters.Referenceshttp://www.vupen.com/english/advisories/2005/2934http://pridels0.blogspot.com/2005/12/atlant-pro-xss-vuln.htmlhttp://www.securityfocus.com/bid/15886http://secunia.com/advisories/18095
