Summary
The remote web server contains several PHP scripts that are prone to cross-site scripting attacks.
Description :
The installed version of CuteNews is vulnerable to cross-site scripting attacks. An attacker may use this bug to steal the credentials of legitimate users of this site.
Solution
Upgrade to the latest version of this software.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-0660 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Web Server ETag Header Information Disclosure Weakness
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities