CVE-2006-2249

2006-05-09T06:02:00
ID CVE-2006-2249
Type cve
Reporter NVD
Modified 2018-10-18T12:38:51

Description

Multiple cross-site scripting (XSS) vulnerabilities in search.php in CuteNews 1.4.1 and earlier, and possibly 1.4.5, allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) story, or (3) title parameters.