CVE-2009-4547

Name of the Vulnerable Software and Affected Versions ViArt CMS versions 3.x

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities can be exploited via the category id parameter to "forums.php", or the forum id parameter to "forum.php" or "forum topic new.php".

Recommendations For ViArt CMS version 3.x, update to a version that includes a fix for these XSS vulnerabilities. As a temporary workaround, consider restricting access to the "forums.php", "forum.php", and "forum topic new.php" scripts until a patch is available. Avoid using the category id and forum id parameters in the affected scripts until the issue is resolved.