CVE-2002-0771
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
Date published : 2002-07-26
http://www.securityfocus.com/bid/4818
http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html