CVE-2008-4730

Name of the Vulnerable Software and Affected Versions phpMyID version 0.9

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the openid trust root parameter and an inconsistent openid return to parameter. This inconsistency is not properly handled in an error message, leading to potential exploitation.

Recommendations For phpMyID version 0.9, as a temporary workaround, consider restricting access to the MyID.php file until a patch is available. Additionally, avoid using inconsistent openid return to parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.