Cross-site scripting (XSS) vulnerability in TinyPortal prior to 0.8.6 allows remote malicious users to inject arbitrary web script or HTML via the shoutbox.
tiny portal tiny portal