Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp.
References 8 Total
- exchange.xforce.ibmcloud.com: news-manager-xss(15548) vdb-entry
- secunia.com: 11180 third-party-advisory
- osvdb.org: 4492 vdb-entry
- securityfocus.com: 9935 vdb-entry
- securitytracker.com: 1009507 vdb-entry
- osvdb.org: 4493 vdb-entry
- osvdb.org: 4494 vdb-entry
- marc.info: 20040322 Vulnerabilities in News Manager Lite 2.5 & News Manager Lite administration mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- exchange.xforce.ibmcloud.com: news-manager-xss(15548) vdb-entryx_transferred
- secunia.com: 11180 third-party-advisoryx_transferred
- osvdb.org: 4492 vdb-entryx_transferred
- securityfocus.com: 9935 vdb-entryx_transferred
- securitytracker.com: 1009507 vdb-entryx_transferred
- osvdb.org: 4493 vdb-entryx_transferred
- osvdb.org: 4494 vdb-entryx_transferred
- marc.info: 20040322 Vulnerabilities in News Manager Lite 2.5 & News Manager Lite administration mailing-listx_transferred