CVE-2007-0176

Name of the Vulnerable Software and Affected Versions GForge version 4.5.11

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the words parameter in the search/advanced search.php file.

Recommendations For GForge version 4.5.11, update to a version that fixes this issue to prevent remote attackers from injecting arbitrary web script or HTML via the words parameter. At the moment, there is no information about a newer version that contains a fix for this vulnerability.