CVE-2007-5677

Name of the Vulnerable Software and Affected Versions Hackish version 1.1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the go shout parameter in the /shoutbox/blocco.php endpoint. This could lead to the execution of malicious scripts on the client-side.

Recommendations For version 1.1, avoid using the go shout parameter in the /shoutbox/blocco.php endpoint until a fix is available. As a temporary workaround, consider restricting access to the /shoutbox/blocco.php endpoint to minimize the risk of exploitation.