CVE-2007-3211

Name of the Vulnerable Software and Affected Versions: Domain Technologie Control (DTC) versions prior to 0.25.9

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the PATH INFO (REQUEST URI).

Recommendations: For versions prior to 0.25.9, update to version 0.25.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable 404.php file until a patch is applied. Avoid using the PATH INFO (REQUEST URI) in the affected endpoint until the issue is resolved.