CVE-2005-4167
CVE-2005-4167 affects eFiction 1.0 and 1.1, where the let parameter in titles.php’s viewlist action is not sanitized, enabling stored or reflected XSS by remote attackers to inject arbitrary script/HTML. The vulnerability arises from unsanitized user input used to generate dynamic pages, allowing...