CVE-2006-0172

Name of the Vulnerable Software and Affected Versions Hummingbird Collaboration versions 5.21 and earlier

Description A cross-site scripting issue exists in the file manager utility, allowing remote attackers to inject arbitrary web script or HTML in an uploaded page. This occurs because the uploaded page is published without a check for hostile scripting.

Recommendations For versions 5.21 and earlier, update to a version later than 5.21 to resolve the issue. As a temporary workaround, consider restricting the upload of pages through the file manager utility until a patch is available.