Bogdan Calin at at Acunetix discovered a XSS vulnerability in NuSOAP 0.9.5 All details in: http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005
An patch is provided at: http://www.mantisbt.org/bugs/view.php?id=12312
php-nusoap-0.9.5-1.fc12 has been submitted as an update for Fedora 12. https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc12
php-nusoap-0.9.5-1.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc13
php-nusoap-0.9.5-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc14
php-nusoap-0.9.5-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.el5
php-nusoap-0.9.5-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update php-nusoap'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.fc14
php-nusoap-0.9.5-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update php-nusoap'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/php-nusoap-0.9.5-1.el5
Moving this bug to Security Response Product, as it is record for security issue. Thank you for addressing the issue.
The CVE identifier of CVE-2010-3070 has been assigned to this issue: [1] http://www.openwall.com/lists/oss-security/2010/09/07/4
Fedora mantis bug: [2] https://bugzilla.redhat.com/show_bug.cgi?id=633011
Looks like the update has been pushed to stable but the issue was not closed. doing it now.