CVE-2005-2112

Multiple cross-site scripting XSS vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 order parameter to edit.php or 2 cid parameter to commentedit.php...