CVE-2006-0136

Name of the Vulnerable Software and Affected Versions: Chimera Web Portal System version 0.2

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the guestbook module. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters, including comment poster, comment poster email, comment poster homepage, and comment text.

Recommendations: For Chimera Web Portal System version 0.2, as a temporary workaround, consider restricting user input for the comment poster, comment poster email, comment poster homepage, and comment text parameters in the guestbook module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.