CVE-2005-4858

Name of the Vulnerable Software and Affected Versions: Mimic2 versions 086 and earlier

Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified parameters associated with the name, title, and comment sections. This can be demonstrated by referencing a remote document through the SRC attribute of an IFRAME element.

Recommendations: For Mimic2 versions 086 and earlier, as a temporary workaround, consider restricting access to the name, title, and comment sections to minimize the risk of exploitation. Avoid using these parameters in the affected sections until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.