CVE-2007-1151

Name of the Vulnerable Software and Affected Versions LoveCMS version 1.4

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI. This might be related to a SQL error, but specific details about the error are not provided.

Recommendations For LoveCMS version 1.4, as a temporary workaround, consider restricting access to the id parameter in the top-level URI until a patch is available. Avoid using the id parameter in the affected URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.