CVE-2014-9516

Name of the Vulnerable Software and Affected Versions Social Microblogging PRO version 1.5

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the PATH INFO to the default URI. The vulnerability is specifically related to the "Web Site" input in the Profile section.

Recommendations For Social Microblogging PRO version 1.5, consider restricting access to the Profile section until a fix is available, and avoid using the "Web Site" input field to minimize the risk of exploitation.