CutePHP CuteNews Index.PHP Cross-Site Scripting Vulnerability

CutePHP CuteNews Index.PHP Cross-Site Scripting Vulnerability

An exploit is not required.

The following proof-of-concept URI was provided:
http://www.example.com/index.php?subaction=showcomments&id=[number]&archive=&start_from=&ucat=&">[code]