Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters. NOTE: some of these details are obtained from third party information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30465
http://www.vupen.com/english/advisories/2006/4664
http://www.securityfocus.com/archive/1/452265/100/0/threaded
http://www.frsirt.com/english/reference-2006-4664-1.php