Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281.
https://exchange.xforce.ibmcloud.com/vulnerabilities/47529
http://www.securityfocus.com/bid/32920