Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
source: wwwsecurityfocuscom/bid/5798/info
Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client
DaCode does not sufficiently filter potentially malicious HTML code from news posts As a result, when a user views a news posting that contains malicious HTML code, the code contained in the post ...