CVE-2004-1059

Name of the Vulnerable Software and Affected Versions: mnoGoSearch versions 3.2.26 and earlier

Description: The issue allows remote attackers to inject arbitrary HTML and web script via specific search pages and forms, including the next and prev result search pages, and the extended and simple search forms.

Recommendations: For versions 3.2.26 and earlier, update to a version later than 3.2.26 to resolve the issue. As a temporary workaround, consider restricting access to the search functionality until a patch is available. Avoid using the vulnerable search forms, specifically the extended and simple search forms, until the issue is resolved.