CVE-2005-4489 Information

Description

Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters and (3) the query string in a story.

Reference

http://pridels0.blogspot.com/2005/12/scoop-xss-vuln.html http://secunia.com/advisories/18182 http://www.osvdb.org/21944 http://www.osvdb.org/21945 http://www.securityfocus.com/bid/16014 http://www.vupen.com/english/advisories/2005/3041