CVE-2008-7037

Name of the Vulnerable Software and Affected Versions ITN News Gadget versions 1.06 through 1.23

Description The issue allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short title response. This is related to the Sidebar gadget in ITN News Gadget.

Recommendations For versions 1.06 through 1.23, consider disabling the Sidebar gadget until a patch is available. Restrict access to the gadget to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.