CVE-2006-1709

Name of the Vulnerable Software and Affected Versions: interaktiv.shop version 5

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the pn and sbeg parameters.

Recommendations: For interaktiv.shop version 5, avoid using the pn and sbeg parameters in the affected API endpoint until the issue is resolved. Restrict access to the vulnerable shop main.cgi module to minimize the risk of exploitation.