CVE-2006-1270

Name of the Vulnerable Software and Affected Versions Inprotect version 0.21

Description The issue allows remote attackers to inject arbitrary web script or HTML via the Name or Description field in zones.php, potentially leading to cross-site scripting (XSS) attacks.

Recommendations For Inprotect version 0.21, consider validating and sanitizing user input for the Name and Description fields to prevent XSS attacks. As a temporary workaround, restrict access to the zones.php file until a patch is available.