CVE-2008-7060
CVE-2008-7060 concerns One-News Beta 2 and involves multiple cross-site scripting (XSS) vulnerabilities. The XSS can be triggered via the title or content fields of a news item (add.php) and via itemnum, author, or comment fields of a comment (index.php). Vectors 1 and 2 require user authenticati...