CVE-2008-2842

Name of the Vulnerable Software and Affected Versions doITLive CMS versions 2.50 and earlier

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the FILE parameter in the edit/showmedia.asp file.

Recommendations For doITLive CMS versions 2.50 and earlier, update to a version later than 2.50 to resolve the issue. As a temporary workaround, consider restricting access to the edit/showmedia.asp file to minimize the risk of exploitation. Avoid using the FILE parameter in the affected file until the issue is resolved.