Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.Referenceshttp://www.debian.org/security/2009/dsa-1818http://secunia.com/advisories/35458http://www.securityfocus.com/bid/35424
