CVE-2010-1111

Name of the Vulnerable Software and Affected Versions Jokes Complete Website (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters. The affected parameters include the id parameter to "joke.php" and the searchingred parameter to "results.php".

Recommendations For all affected versions, consider restricting access to the joke.php and results.php scripts until a fix is available. As a temporary workaround, avoid using the id parameter in the "joke.php" script and the searchingred parameter in the "results.php" script until the issue is resolved.