SkyeShoutbox <= v.1.2.0 XSS Discovered by: Nomenumbra Date: 21/5/2006 impact:moderate (possible defacement) SkyeShoutbox doesn't filter any input at all, thus allowing attackers to inject arbitrary html or javascript. Nomenumbra