CVE-2005-4204

Name of the Vulnerable Software and Affected Versions LogiSphere version 0.9.9j

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary Javascript via the msg command. The extent to which this issue may be related to or distinct from a denial-of-service (DoS) issue associated with the msg command is unclear due to a lack of detailed information from the original researcher.

Recommendations For LogiSphere version 0.9.9j, as a temporary workaround, consider restricting the use of the msg command until a patch or more detailed guidance is available.