Openca · Openca · CVE-2004-0787
**Name of the Vulnerable Software and Affected Versions**
OpenCA versions 0.9.1-8 and earlier
OpenCA versions 0.9.2 RC6 and earlier
**Description**
A cross-site scripting (XSS) issue exists in the web frontend, allowing remote attackers to inject arbitrary web script or HTML via the form input fields.
**Recommendations**
For OpenCA versions 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, consider restricting access to the web frontend until a fix is available.
As a temporary workaround, consider validating and sanitizing all user input in the form fields to prevent malicious script injection.