CVE-2007-5293

Name of the Vulnerable Software and Affected Versions: IDMOS version 1.0-beta

Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the err msg parameter to "error.php" or the content parameter to "templates/simple/ia.php".

Recommendations: For IDMOS version 1.0-beta, consider restricting access to the "error.php" and "ia.php" scripts until a patch is available. As a temporary workaround, avoid using the err msg and content parameters in the affected API endpoints.