CVE-2014-9917

Name of the Vulnerable Software and Affected Versions Bilboplanet version 2.0

Description A stored XSS issue was found when adding a tag via the "user/?page=tribes" API endpoint, specifically through the tags parameter.

Recommendations For Bilboplanet version 2.0, as a temporary workaround, consider restricting access to the tags parameter in the "user/?page=tribes" API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.