CVE-2007-0553

Name of the Vulnerable Software and Affected Versions PHProxy versions prior to 0.5 beta 2

Description The issue allows remote attackers to inject arbitrary web script or HTML via the data[realm] and url parameters in the index.inc.php file. This is due to multiple cross-site scripting (XSS) vulnerabilities.

Recommendations For versions prior to 0.5 beta 2, update to version 0.5 beta 2 or later to resolve the issue. As a temporary workaround, consider restricting access to the index.inc.php file and avoiding the use of the data[realm] and url parameters until the issue is resolved.