CVE-2004-2072

Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.

Date published : 2005-05-19

http://www.securityfocus.com/bid/9588

http://www.systemsecure.org/advisories/ssadvisory06022004.php