CVE-2004-1410

Name of the Vulnerable Software and Affected Versions: Gadu-Gadu versions prior to build 156

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script via a URL. This script is echoed in a popup window that displays a parsing error message.

Recommendations: For versions prior to build 156, update to a version later than build 155 to resolve the issue. As a temporary workaround, consider restricting access to URLs that may trigger the popup window displaying the parsing error message.