CVE-2007-5052

Name of the Vulnerable Software and Affected Versions Vigile CMS version 1.8

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via requests to the wiki module with the title parameter or a "title=" sequence in the PATH INFO, or via requests to the download module with the cat parameter or a "cat=" sequence in the PATH INFO.

Recommendations For Vigile CMS version 1.8, as a temporary workaround, consider restricting access to the wiki and download modules until a patch is available. Avoid using the title and cat parameters in the affected API endpoints until the issue is resolved.