CVE-2006-2367

Name of the Vulnerable Software and Affected Versions Clansys (aka Clanpage System) versions 1.0 through 1.1

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function.

Recommendations For Clansys (aka Clanpage System) versions 1.0 through 1.1, as a temporary workaround, consider restricting access to the search function until a patch is available. Avoid using the func parameter in the affected search function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.