CVE-2007-0973

Name of the Vulnerable Software and Affected Versions: Jupiter CMS version 1.1.5

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers. These headers are displayed without proper sanitization when an administrator performs a Logged Guest action.

Recommendations: For Jupiter CMS version 1.1.5, consider disabling the display of HTTP headers for administrators performing a Logged Guest action until a patch is available. Restrict access to the index.php file to minimize the risk of exploitation. Avoid using the Referer HTTP header in the affected index.php file until the issue is resolved.