2z Project Rating.PHP Cross Site Scripting Vulnerability

2z Project Rating.PHP Cross Site Scripting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URI is available:

http://www.example.com/2zcms/?category=none&altname=testnews&rating=xxx