CVE-2006-4069

Name of the Vulnerable Software and Affected Versions OZJournals version 1.5

Description The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved via the m and c parameters in "index.php", a search action, and a "submit comment" action.

Recommendations For OZJournals version 1.5, consider restricting access to the vulnerable parameters m and c in "index.php" until a patch is available. As a temporary workaround, avoid using the search action and the "submit comment" action to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.