CVE-2002-2278

Name of the Vulnerable Software and Affected Versions: PortailPHP version 0.99

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the App Theme, Rub Search, Rub News, Rub File, Rub Liens, or Rub Faq variables.

Recommendations: For PortailPHP version 0.99, avoid using the variables App Theme, Rub Search, Rub News, Rub File, Rub Liens, or Rub Faq in the mod search/index.php file until a patch is available. As a temporary workaround, consider validating and sanitizing user input to prevent the injection of malicious scripts.