Seasar · Mayaa · CVE-2008-5720
**Name of the Vulnerable Software and Affected Versions**
Mayaa versions prior to 1.1.23
**Description**
The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the `org.seasar.mayaa.impl.engine.PageNotFoundException` exception and possibly other exceptions.
**Recommendations**
For versions prior to 1.1.23, update to version 1.1.23 or later to resolve the issue. As a temporary workaround, consider restricting access to the default error page for the `org.seasar.mayaa.impl.engine.PageNotFoundException` exception to minimize the risk of exploitation.