Vulnerabilities > CVE-2006-3661 - Cross-Site Scripting vulnerability in Cutephp Cutenews 1.4.5

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

cutephp

NVD

Published: 2006-07-18

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews 1.4.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Cutephp Cutephp Cutenews 1.4.5	1

References

http://www.securityfocus.com/bid/18918
http://www.virangar.org