Ej3 · Ej3 Topo · CVE-2006-0984
**Name of the Vulnerable Software and Affected Versions**
EJ3 TOPo version 2.2.178
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `gTopNombre` parameter in the inc header.php file.
**Recommendations**
For version 2.2.178, avoid using the `gTopNombre` parameter in the affected API endpoint until the issue is resolved.