CVE-2007-0144

Name of the Vulnerable Software and Affected Versions Digitizing Quote And Ordering System version 1.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. It affects the search.asp file and allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter.

Recommendations For Digitizing Quote And Ordering System version 1.0, avoid using the ordernum parameter in the search.asp file until the issue is resolved. As a temporary workaround, consider restricting access to the search.asp file to minimize the risk of exploitation.