Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
http://www.securityfocus.com/bid/59273
http://www.krisonav.com/index.php?module=articles_show&articles_id=release-notes