CVE-2003-1238 Information

Description

Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team (2) News and (3) Liens modules.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-02/0276.html http://archives.neohapsis.com/archives/bugtraq/2003-03/0275.html http://www.iss.net/security_center/static/11420.php http://www.securityfocus.com/bid/6916