CVE-2006-2015

Name of the Vulnerable Software and Affected Versions SL site version 1.0

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in "recherche.php". This enables attackers to execute malicious scripts on the victim's browser.

Recommendations For SL site version 1.0, avoid using the recherche parameter in the "recherche.php" endpoint until a fix is available. As a temporary workaround, consider restricting access to the recherche.php endpoint to minimize the risk of exploitation.