From Josh Bressers (oss-sec mailing list):
CVE-2010-4348: Cross site scripting CVE-2010-4349: Path disclosure CVE-2010-4350: Local file inclusion
From Josh Bressers (oss-sec mailing list):
CVE-2010-4348: Cross site scripting
CVE-2010-4349: Path disclosure
CVE-2010-4350: Local file inclusion