Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.
http://www.us-cert.gov/cas/techalerts/TA11-222A.html
http://www.adobe.com/support/security/bulletins/apsb11-23.html