CVE-2006-7023

Name of the Vulnerable Software and Affected Versions fx-APP version 0.0.8.1

Description The issue allows remote attackers to inject arbitrary HTML or web script via several fields, including the search box, url, website, comment, and signature fields in the profile, and possibly a menu item. This can lead to cross-site scripting (XSS) attacks.

Recommendations For fx-APP version 0.0.8.1, consider disabling the search box and restricting input in the url, website, comment, and signature fields in the profile until a patch is available. Avoid using potentially vulnerable menu items until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.