CVE-2006-6746

Publication date

2006-12-27 05:00:00

Family

mitre

State

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 allow remote attackers to inject arbitrary web script or HTML via the id_news parameter to (1) add_comment.php or (2) show_news.php.