Hello, Please see the following report: ARISg5 (version 5.0) cross site scripting vulnerability ----------------------------------------------------------------------- Application name: ARISg5 (arisglobal) Version: 5.0 Class: Input Validation Error Type: Cross Site Scripting (XSS) Remote: Yes Credit: Yaniv Miron Exploit: http://SERVER_ADDRESS/Aris/wflogin.jsp?errmsg=XSS msg Yaniv Miron aka "Lament". lament@ilhack.org