CVE-2006-7190

Name of the Vulnerable Software and Affected Versions WebAPP versions prior to 20060515

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors in the viewnews function. This is related to the use of doubbctopic instead of doubbc.

Recommendations For versions prior to 20060515, update to version 20060515 or later to resolve the issue. As a temporary workaround, consider restricting access to the cgi-bin/user-lib/topics.pl script until the update is applied.