Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters.
https://exchange.xforce.ibmcloud.com/vulnerabilities/36401
http://www.vupen.com/english/advisories/2007/3085
http://www.securityfocus.com/bid/25530
http://secunia.com/advisories/26682
http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html