Public CVE-2012-2642 disclosure

Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry.