PT-2005-1705 · Mercury · Mercuryboard

Published

2005-03-07

·

Updated

2008-09-05

·

CVE-2005-0662

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

MercuryBoard version 1.1.2

Description

A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the Avatar field in index.php. This could potentially lead to unauthorized actions on the affected system.

Recommendations

For MercuryBoard version 1.1.2, consider validating and sanitizing user input for the Avatar field to prevent the injection of malicious scripts. As a temporary workaround, restrict access to the Avatar field until a patch is available.

Fix


Related identifiers

CVE-2005-0662

Affected products

Mercuryboard