CVE-2006-1722

Name of the Vulnerable Software and Affected Versions: ShopXS version 4.0

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the Suchstring1 (also known as search) parameter in the suche.htm file.

Recommendations: For ShopXS version 4.0, consider restricting access to the suche.htm file until a patch is available, and avoid using the Suchstring1 parameter in this context to minimize the risk of exploitation.