CVE-2005-4383 Information

Description

Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the (1) presentationSite (2) docPublishYear (3) docDescription (4) publishState (5) docAuthor (6) docTitle (7) subTopic (8) topic (9) topicRadio (10) topicOnly (11) startrow and (12) sortby parameters.

Reference

http://pridels0.blogspot.com/2005/12/community-enterprise-4x-multiple-vuln.html http://secunia.com/advisories/18145 http://www.osvdb.org/21856 http://www.vupen.com/english/advisories/2005/2979 https://exchange.xforce.ibmcloud.com/vulnerabilities/23821