CVE-2004-0787

Name of the Vulnerable Software and Affected Versions OpenCA versions 0.9.1-8 and earlier OpenCA versions 0.9.2 RC6 and earlier

Description A cross-site scripting (XSS) issue exists in the web frontend, allowing remote attackers to inject arbitrary web script or HTML via the form input fields.

Recommendations For OpenCA versions 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, consider restricting access to the web frontend until a fix is available. As a temporary workaround, consider validating and sanitizing all user input in the form fields to prevent malicious script injection.