CVE-2007-1828

Name of the Vulnerable Software and Affected Versions: web-app.org WebAPP versions prior to 0.9.9.6

Description: The issue allows remote authenticated users to inject arbitrary web script or HTML, which can lead to cross-site scripting (XSS) attacks. This is possible via the QUERY STRING corresponding to drop downs or various forms.

Recommendations: For versions prior to 0.9.9.6, update to version 0.9.9.6 or later to resolve the issue.