Gossamer Threads · Gossamer Threads Links Sql · CVE-2005-1492
Name of the Vulnerable Software and Affected Versions:
Gossamer Threads Links SQL versions 2.x through 3.0
Description:
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `url` parameter in the user.cgi component. This could potentially lead to unauthorized actions on the affected system.
Recommendations:
For versions 2.x through 3.0, update to a version that includes a fix for this issue, as using the vulnerable version could allow for the injection of malicious scripts.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.