CVE-2007-6085

Name of the Vulnerable Software and Affected Versions VigileCMS version 1.4

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live chat module.

Recommendations For VigileCMS version 1.4, consider disabling the vedipm and live chat modules until a patch is available to prevent exploitation of the XSS vulnerabilities. Restrict access to the message field in these modules to minimize the risk of arbitrary web script or HTML injection.