https://www.exploit-db.com/exploits/23749

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/9727/info

LiveJournal is reportedly prone to HTML injection via Cascading Style Sheet (CSS) tags. It is possible to inject hostile HTML and script code into journal entries through this vulnerability. 

This could potentially be exploited to steal cookies from other site users. Other attacks are also possible.

<style>
.test1 { color:expression(alert(document.cookie)); }
</style>

<a class="test1">foo</a>