CVE-2007-4981

Name of the Vulnerable Software and Affected Versions Obedit version 3.03

Description A cross-site scripting (XSS) issue exists in the save function, allowing remote attackers to inject arbitrary web script or HTML via unknown vectors. This can be demonstrated by injecting a SCRIPT element in an unspecified context when saving a document. The details of the attack are uncertain, making it unclear whether this crosses privilege boundaries.

Recommendations For Obedit version 3.03, consider disabling the save function temporarily until a patch is available to prevent potential exploitation. Restrict access to the save function to minimize the risk of arbitrary web script or HTML injection.