Mandriva Linux Security Advisory 2009-340 – Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors. This update provides a solution to this vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84381/MDVSA-2009-340.txt
Source: https://packetstormsecurity.com/files/84381/Mandriva-Linux-Security-Advisory-2009-340.html