https://www.exploit-db.com/exploits/23890
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-168

FreshGuestBook的guest.cgi存在跨站脚本（XSS）漏洞。远程攻击者可以借助Name字段注入任意web脚本或HTML。

source: http://www.securityfocus.com/bid/9995/info

It has been reported that Fresh Guest Book is prone to a remote HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied form input.

An attacker may exploit the aforementioned vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible. 

<script>alert('xss');</script>

来源:XF
名称:freshguestbook-guest-xss(15649)
链接:http://xforce.iss.net/xforce/xfdb/15649
来源:BID
名称:9995
链接:http://www.securityfocus.com/bid/9995
来源:BUGTRAQ
名称:20040328vuln
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108057935827431&w;=2