Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ofdisp and (2) ofmsgid parameters.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/27361http://pridels0.blogspot.com/2006/06/openforum-xss-vuln.htmlhttp://www.osvdb.org/27623http://www.securityfocus.com/bid/19266
