CVE-2006-3273

Name of the Vulnerable Software and Affected Versions Some Chess version 1.5 rc1

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the user parameter, specifically in the "New Name" field of the menu.php file.

Recommendations For version 1.5 rc1, avoid using the user parameter in the menu.php file until a fix is available. As a temporary workaround, consider restricting access to the menu.php file to minimize the risk of exploitation.