Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name.Referenceshttp://www.securityfocus.com/archive/1/452988/100/0/threadedhttp://www.securityfocus.com/bid/21355http://securityreason.com/securityalert/1965http://www.ground418.org/exploits/read.php?file=06-alternC-095.txthttp://secunia.com/advisories/23144https://exchange.xforce.ibmcloud.com/vulnerabilities/30625http://www.vupen.com/english/advisories/2006/4851http://dev.alternc.org/trac/alternc/changeset/1739https://dev.alternc.org/trac/alternc/milestone/0.9.6
