CVE-2006-6518 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo (2) email (3) date (4) sujet (5) message (6) site and (7) lien parameters to (a) admin/change.php and the (8) aa parameter to (b) lire-avis.php.

Reference

http://securityreason.com/securityalert/2025 http://www.securityfocus.com/archive/1/453964/100/0/threaded http://www.securityfocus.com/bid/21516