CVE-2013-0730
Newscoop 4.x through 4.1.0 contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary scripts via two vectors: the language parameter in app/modules/admin/controllers/LanguagesController.php and the user parameter in app/modules/admin/controllers/UserController.php. The...