CVE-2005-2416 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module.

Reference

http://marc.info/?l=bugtraq&m=112206702015439&w=2 http://secunia.com/advisories/16169 http://securitytracker.com/id?1014554 http://www.hardened-php.net/advisory_112005.59.html http://www.osvdb.org/18168 http://www.osvdb.org/18169 http://www.securityfocus.com/bid/14352 https://exchange.xforce.ibmcloud.com/vulnerabilities/21484 https://exchange.xforce.ibmcloud.com/vulnerabilities/21487