CVE-2007-4141

Name of the Vulnerable Software and Affected Versions OpenRat CMS versions 0.8-beta1 and earlier

Description The issue allows remote attackers to obtain sensitive information by sending a request with an XSS sequence in the action parameter to "index.php", which reveals the path in an error message.

Recommendations For OpenRat CMS versions 0.8-beta1 and earlier, avoid using the action parameter in the "index.php" endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.