CVE-2008-2839

Name of the Vulnerable Software and Affected Versions Traindepot version 0.1

Description A cross-site scripting (XSS) issue exists in the search module, allowing remote attackers to inject arbitrary web script or HTML via the query parameter to "index.php".

Recommendations For Traindepot version 0.1, consider restricting access to the search module until a patch is available, and avoid using the query parameter in the affected "index.php" endpoint to minimize the risk of exploitation.