CVE-2004-1911

Name of the Vulnerable Software and Affected Versions AzDGDatingLite version 2.1.1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the l parameter (also known as the language variable) to "index.php" or the id parameter to "view.php".

Recommendations For AzDGDatingLite version 2.1.1, consider validating and sanitizing user input for the l parameter in "index.php" and the id parameter in "view.php" to prevent arbitrary script injection. As a temporary workaround, restrict access to these parameters until a patch is available.