Multiple cross-site scripting (XSS) vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328.
https://exchange.xforce.ibmcloud.com/vulnerabilities/35765
http://www.securityfocus.com/bid/25173
http://sourceforge.net/project/shownotes.php?release_id=528858&group_id=69681