Simon Morel

**Name of the Vulnerable Software and Affected Versions** Martin Scheffler betaboard version 0.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the `FormVal profile` parameter. **Recommendations** For version 0.1, consider restricting access to user profiles to minimize the risk of exploitation until a fix is available. Avoid using the `FormVal profile` parameter in affected areas until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Mozilla Camino versions 1.0 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in a null dereference and application crash or hang, via HTML with certain improperly nested elements. **Recommendations** For Mozilla Camino versions 1.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.