Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.Referenceshttp://www.jamroom.net/index.php?m=td_tracker&o=view&id=1756http://www.htbridge.ch/advisory/xss_vulnerability_in_jamroom.htmlhttp://secunia.com/advisories/40259http://www.securityfocus.com/bid/41071
