CVE-2002-1931

Name of the Vulnerable Software and Affected Versions PHP Arena paFileDB versions 1.1.3 and 2.1.1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string. This could potentially lead to unauthorized actions on the affected system.

Recommendations For PHP Arena paFileDB version 1.1.3, update to a version that fixes this issue. For PHP Arena paFileDB version 2.1.1, update to a version that fixes this issue. As a temporary workaround, consider restricting the use of Javascript in the search string to minimize the risk of exploitation.