Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, and 1.1.x before 1.1.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-4165.Referenceshttp://www.netcommons.org/modules/journal/journal_detail.php?block_id=2121&news_id=316&op=comment#2121http://www.securityfocus.com/bid/26328https://exchange.xforce.ibmcloud.com/vulnerabilities/38257http://www.vupen.com/english/advisories/2007/3717http://jvn.jp/jp/JVN%2379295963/index.htmlhttp://secunia.com/advisories/27484
