CVE-2011-5228

Name of the Vulnerable Software and Affected Versions appRain CMF version 0.1.5

Description The issue is related to a cross-site scripting (XSS) vulnerability in the Search module. This allows remote attackers to inject arbitrary web script or HTML via the ss parameter in the quickstart/search module.

Recommendations For appRain CMF version 0.1.5, as a temporary workaround, consider restricting access to the Search module until a patch is available. Avoid using the ss parameter in the affected module to minimize the risk of exploitation.