PT-2005-1703 · D-Forum · D-Forum
Published: 2005-03-07 · Updated: 2008-09-05
CVE-2005-0660
CVSS v2.0: 4.3 (Medium)
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
D-Forum version 1.11
Description
The issue allows remote attackers to inject arbitrary web script or HTML via certain fields. This can be demonstrated using the "page" parameter in "nav.php3".
Recommendations
For D-Forum version 1.11, consider validating and sanitizing user input to prevent the injection of malicious scripts or HTML, especially for the "page" parameter in "nav.php3". As a temporary workaround, restrict access to the "nav.php3" page until a proper fix is applied.
Fix
Related identifiers
Affected products
D-Forum