CVE-2005-2416
Contrexx prior to 1.0.5 contains client-side Cross-Site Scripting (XSS) vulnerabilities in two parameters: (1) term in the search module and (2) title in the blog aggregation module. These allow remote attackers to inject arbitrary web script or HTML. The CVE entry documents these two vectors but...