Yadij

**Name of the Vulnerable Software and Affected Versions** Squid versions prior to 4.7 **Description** The issue is related to the cachemgr.cgi utility of the Squid proxy server, where it fails to take measures to protect the structure of web pages. This can be exploited by a remote attacker to perform cross-site scripting attacks through the `user name` or `auth` parameter. **Recommendations** For Squid versions prior to 4.7, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the `user name` and `auth` parameters in the cachemgr.cgi web module until a patch is available.