PT-2005-2858 · Sawmill · Sawmill

Published: 2005-06-08 · Updated: 2017-07-11 · CVE-2005-1901

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Sawmill versions prior to 7.1.6

Description

Sawmill contains multiple cross-site scripting (XSS) vulnerabilities. They allow remote attackers to inject arbitrary web script or HTML via specific parameters, including the username in the Add User window and the license key in the Licensing page.

Recommendations

For versions prior to 7.1.6, update to version 7.1.6 or later to resolve the issue. As a temporary workaround, consider restricting input for the username and license key fields to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2005-1901

Affected Products

Sawmill