CVE-2003-1238

Name of the Vulnerable Software and Affected Versions Nuked-Klan versions 1.3 beta and earlier

Description A cross-site scripting issue allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into the top of the Team, News, and Liens modules.

Recommendations For versions 1.3 beta and earlier, update to a version later than 1.3 beta to resolve the issue. As a temporary workaround, consider restricting access to the Team, News, and Liens modules until a patch is available. Avoid using these modules with untrusted input until the issue is resolved.