https://www.exploit-db.com/exploits/23451

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/9261/info

A vulnerability has been reported to be present in the software that may allow a remote attacker to execute HTML or script code in a user's browser.

It has been reported that the problem arises when the software returns an error message to the user that may contain unsanitized data. The script code would run in the context of the user running the vulnerable software. 

http://www.example.com:8080/<script>alert('XSS example');</script>