CVE-2006-2567

Name of the Vulnerable Software and Affected Versions Alstrasoft Article Manager Pro version 1.6

Description The issue allows remote attackers to inject arbitrary web script or HTML when submitting an article. This can be achieved by using a javascript URI in a Cascading Style Sheets (CSS) property of a STYLE attribute of an element.

Recommendations For Alstrasoft Article Manager Pro version 1.6, consider validating and sanitizing user input in the submit article.php file to prevent the injection of malicious scripts or HTML. As a temporary workaround, restrict access to the submit article.php file until a proper fix is applied.