Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field.Referenceshttp://www.securityfocus.com/archive/1/502810/100/0/threadedhttp://www.securityfocus.com/bid/34620
