CVE-2006-1417

Name of the Vulnerable Software and Affected Versions Caloris Planitia Online Quiz System version 1.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the exam parameter in prequiz.asp and the msg parameter in student.asp are vulnerable.

Recommendations For Caloris Planitia Online Quiz System version 1.0, consider disabling the exam parameter in prequiz.asp and the msg parameter in student.asp to minimize the risk of exploitation until a patch is available. Restrict access to prequiz.asp and student.asp to minimize the risk of exploitation.