CVE-2004-1779

Name of the Vulnerable Software and Affected Versions ThWboard versions prior to beta 2.84

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the lastvisited parameter in the board.php file.

Recommendations For versions prior to beta 2.84, update to beta 2.84 or later to resolve the issue. As a temporary workaround, consider restricting access to the lastvisited parameter in the board.php file to minimize the risk of exploitation.