This script is Copyright (C) 2004-2012 Tenable Network Security, Inc.
The remote web server contains a PHP script that is prone to cross-
site scripting attacks.
The version of CuteNews installed on the remote host is vulnerable to
a cross-site scripting (XSS) attack. An attacker, exploiting this
flaw, would need to be able to coerce a user to browse to a
purposefully malicious URI. Upon successful exploitation, the
attacker would be able to run code within the web-browser in the
security context of the CuteNews server.
See also :
Upgrade to the latest version.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true