CuteNews show_archives.php XSS
Medium Nessus Network Monitor Plugin ID 1726
SynopsisThe remote host is running CuteNews, a news management system implemented in PHP.
DescriptionThe remote host is running CuteNews, a news management system implemented in PHP. It is reported that this version of CuteNews is affected by a cross-site scripting (XSS) vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. An attacker may execute malicious code in a victim's browser and steal credentials on this site.
SolutionNo solution is known at this time.