CVE-2009-1228

Name of the Vulnerable Software and Affected Versions Arcadwy Arcade Script CMS (affected versions not specified)

Description The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the user name parameter in the register.php file.

Recommendations For all affected versions, avoid using the user name parameter in the register.php file until a fix is available. As a temporary workaround, consider validating and sanitizing user input for the user name parameter to prevent malicious script injection.