Unknown · Tinyguestbook · CVE-2011-5199
**Name of the Vulnerable Software and Affected Versions**
tinyguestbook (affected versions not specified)
**Description**
The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the `msg` parameter in the "sign.php" file.
**Recommendations**
For tinyguestbook, consider restricting the use of the `msg` parameter in the sign.php file until a patch is available. Avoid using the `msg` parameter in the affected sign.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.