Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cutenews | Cutephp | 1.3.6 | 1.3.6 |
Cutenews | Cutephp | 1.3.2 | 1.3.2 |
Cutenews | Cutephp | 0.88 | 0.88 |
Cutenews | Cutephp | 1.3 | 1.3 |
Cutenews | Cutephp | * | * |
Cutenews | Cutephp | 1.3.1 | 1.3.1 |