CVE-2005-1008

Name of the Vulnerable Software and Affected Versions ASP-DEv XM Forum version RC3

Description A cross-site scripting issue exists due to the ability to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag in the posts.asp file. This allows remote attackers to potentially execute malicious scripts.

Recommendations For ASP-DEv XM Forum version RC3, consider validating and sanitizing user input to prevent the injection of malicious scripts, and restrict the use of "javascript:" URLs in IMG tags until a proper fix is available.