Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.
http://www.securityfocus.com/bid/4422
http://www.iss.net/security_center/static/8763.php
http://archives.neohapsis.com/archives/bugtraq/2002-04/0052.html