CVE-2007-5724

Name of the Vulnerable Software and Affected Versions Omnistar Live (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the category id parameter to the "users/kb.php" endpoint and possibly the Email Box field in "profile.php" are affected.

Recommendations For Omnistar Live, consider disabling the category id parameter in the "users/kb.php" endpoint and restricting access to the Email Box field in "profile.php" until a fix is available. Avoid using the category id parameter in the "users/kb.php" endpoint and the Email Box field in "profile.php" to minimize the risk of exploitation.