Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.Referenceshttp://secunia.com/advisories/33065https://exchange.xforce.ibmcloud.com/vulnerabilities/47198http://securityreason.com/securityalert/4751http://osvdb.org/50659http://www.securityfocus.com/bid/32727https://www.exploit-db.com/exploits/7400
