Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.Referenceshttp://sosoblood.freehostia.com/SJSC/html_injection.gifhttp://www.securityfocus.com/archive/1/501672/100/0/threadedhttp://www.securityfocus.com/bid/34083http://osvdb.org/52718
