A persistent mail encoding web vulnerability has been discovered in the official Secunia website web-application next to the csi/vim account registration. The vulnerability allows a remote attacker to inject own malicious script codes to the application-side of the vulnerable web-application service.
Read the full security advisory here – http://www.vulnerability-lab.com/get_content.php?id=1272