CVE-2005-3977

Name of the Vulnerable Software and Affected Versions QualityEBiz Quality PPC version 1553

Description A cross-site scripting (XSS) issue allows remote attackers to inject web script or HTML via the REQ parameter to the "search module" API endpoint.

Recommendations For QualityEBiz Quality PPC version 1553, as a temporary workaround, consider restricting access to the search module until a patch is available. Avoid using the REQ parameter in the affected search module API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.