Summary
The remote web server contains a PHP script that is affected by a cross-site scripting issue.
Description:
The version of Cutenews installed on the remote host fails to sanitize input to the 'search.php' script before using it to generate dynamic HTML to be returned to the user. An unauthenticated attacker can exploit this issue to execute a cross-site scripting attack.
This version of Cutenews is also likely affected by other associated issues.
Solution
Unknown at this time.