Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.Referenceshttp://jvn.jp/en/jp/JVN98097877/360573/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000145http://jvn.jp/en/jp/JVN98097877/index.html
