Nucleus CMS 'action.php' Cross-Site Scripting Vulnerability

Bugtraq ID:	27492
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 29 2008 12:00AM
Updated:	Jan 29 2008 07:17PM
Credit:	Alexandr Polyakov and Stas Svistunovich of the Digital Security Research Group are credited with the discovery of this vulnerability.
Vulnerable:	Nucleus CMS Nucleus CMS 3.22 Nucleus CMS Nucleus CMS 3.21 Nucleus CMS Nucleus CMS 3.2 Nucleus CMS Nucleus CMS 3.1 Nucleus CMS Nucleus CMS 3.0.1 Nucleus CMS Nucleus CMS 3.0 RC Nucleus CMS Nucleus CMS 3.0 1 Nucleus CMS Nucleus CMS 3.0 Nucleus CMS Nucleus CMS 3.31 Nucleus CMS Nucleus CMS 3.24 Nucleus CMS Nucleus CMS 3.23 Nucleus CMS Nucleus CMS 3.23

Not Vulnerable:	Nucleus CMS Nucleus CMS 3.32