CVE-2005-4241

Name of the Vulnerable Software and Affected Versions VCD-db versions 0.98 and earlier

Description A cross-site scripting (XSS) issue exists in the category page, allowing remote attackers to inject arbitrary web script or HTML via the batch parameter. This enables attackers to execute malicious scripts on the client-side.

Recommendations For VCD-db versions 0.98 and earlier, update to a version later than 0.98 to resolve the issue. As a temporary workaround, consider restricting access to the category page or sanitizing the batch parameter to prevent malicious input.