CVE-2005-4407
CVE-2005-4407 describes a cross-site scripting (XSS) vulnerability in Mercury CMS versions up to 4.0, where the index.cfm script is vulnerable. The issue arises from unsafely handling the 1) content and 2) criteria parameters, allowing remote attackers to inject arbitrary web script or HTML. Expl...