CVE-2005-4072

Cross-site scripting XSS vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in searchforums.cfm, as used in the "Search For:" field...

CVE-2005-4072

The CVE describes a cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier, where an attacker can inject arbitrary script via the Words parameter in search_forums.cfm used in the “Search For:” field. The available records confirm the affected software and the inp...