ASPKnowledgebase vulnerable to XSS injection.

[preben () watchcom no]

ASPKnowledgebase, by www.asp-programmers.com is vulnerable to XSS in some of it's input fields. If you compromise it's 
logon, to gain administrative privileges as my previous advisory describes - you can inject the admin form-fields with 
XSS.  
This will result in automatic execution of script when a user visits that page.

This is highly dangerous as you can script what ever you like. Often these types of attacks are used for cookie thefts 
and so on.

Please credit to: Preben Nyløkken