CVE-2007-3686

Name of the Vulnerable Software and Affected Versions Unobtrusive Ajax Star Rating Bar versions prior to 1.2.0

Description The issue concerns a CRLF injection vulnerability. This vulnerability allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP REFERER parameter.

Recommendations For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the db.php file to minimize the risk of exploitation. Avoid using the HTTP REFERER parameter in sensitive operations until the issue is resolved.