CVE-2005-4574 Information

Description

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.

Reference

http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html http://secunia.com/advisories/18257 http://www.osvdb.org/21931 http://www.securityfocus.com/bid/16071 https://exchange.xforce.ibmcloud.com/vulnerabilities/23864