On Mon, 27 Mar 2006, security curmudgeon wrote: > http://www.webhostautomation.com/webhost-301 CVE missed it the first time around, and it looks like some other vdbs have, but the entry for 3.2.9 has fairly clear acknowledgement of CVE-2006-0211: 3.2.9 ------- ... Fixed XSS issue in password reminder page - Steve