CVE-2005-2480
The CVE-2005-2480 entry concerns Fusebox running on ColdFusion (Fusebox 4.1.0). The vulnerability is a cross-site scripting (XSS) flaw where the fuseaction parameter is not quoted in an error page, enabling an attacker to inject arbitrary script/HTML (demonstrated via index.cfm). Connected docume...