CVE-2006-2423

Name of the Vulnerable Software and Affected Versions Confixx version 3.1.2

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the login parameter in the ftplogin/index.php file.

Recommendations For Confixx version 3.1.2, update the ftplogin/index.php file to properly sanitize the login parameter to prevent arbitrary web script or HTML injection. As a temporary workaround, consider restricting access to the ftplogin/index.php file until a patch is available.