CVE-2009-4157

Name of the Vulnerable Software and Affected Versions com proofreader component versions 1.0 RC9 and earlier for Joomla!

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the index.php file of the com proofreader component. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the URI. The vulnerabilities are specifically related to improper handling in 404 or error pages.

Recommendations For com proofreader component versions 1.0 RC9 and earlier, consider disabling the index.php file in the com proofreader component until a patch is available to prevent exploitation of the XSS vulnerabilities. Restrict access to error pages and 404 pages to minimize the risk of exploitation. Avoid using user-supplied input in the URI to prevent injection of arbitrary web script or HTML.