CVE-2005-0674

Name of the Vulnerable Software and Affected Versions paBox version 1.6

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the text hidden parameter in an HTTP POST request.

Recommendations For paBox version 1.6, consider restricting access to the News module until a fix is available. As a temporary workaround, avoid using the text hidden parameter in HTTP POST requests to minimize the risk of exploitation.