CVE-2005-1715 Information

Description

Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m (2) s (3) ID or (4) t parameters or the (5) field name (6) Your Web field or (7) email field in the comments section.

Reference

http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html http://secunia.com/advisories/15325 http://securitytracker.com/id?1014016 http://www.osvdb.org/16699 http://www.securityfocus.com/bid/13700 http://www.securityfocus.com/bid/13701