Description
Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story.
Exploits (2)
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/21945
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16014
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/21944
Third Party Advisory x_refsource_misc
http://pridels0.blogspot.com/2005/12/scoop-xss-vuln.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/3041
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18182
Scores
EPSS
0.0078
EPSS Percentile
73.7%
Details
Status
published
Products (1)
scoop/scoop
< 1.1_rc1
Published
Dec 22, 2005
Tracked Since
Feb 18, 2026