Unknown · Elite Forum · CVE-2005-3412
**Name of the Vulnerable Software and Affected Versions**
Elite Forum version 1.0.0.0
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a Post Reply to a topic. This is achieved by including a javascript: URL in an <img> tag.
**Recommendations**
For Elite Forum version 1.0.0.0, as a temporary workaround, consider disabling the Post Reply feature until a patch is available. Restrict access to posting replies that contain <img> tags with javascript: URLs to minimize the risk of exploitation.