CVE-2011-2743

Name of the Vulnerable Software and Affected Versions Chyrp versions 2.1 and earlier

Description The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the action parameter to the default URI or includes/javascript.php, or the title or body parameter to admin/help.php.

Recommendations For Chyrp versions 2.1 and earlier, update to a version later than 2.1 to resolve the issue.