CVE-2007-6002

Name of the Vulnerable Software and Affected Versions Fenriru Sleipnir versions 2.5.17 R2 and earlier Fenriru Grani versions 3.0 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section. This can be exploited by injecting malicious code into the Search field.

Recommendations For Fenriru Sleipnir versions 2.5.17 R2 and earlier, avoid using the Search field in the Favorites section until a fix is available. For Fenriru Grani versions 3.0 and earlier, restrict access to the Search functionality to minimize the risk of exploitation. As a temporary workaround, consider disabling the Search field in the Favorites section for both Sleipnir and Grani until a patch is available.