CVE-2002-0292

Name of the Vulnerable Software and Affected Versions Slash versions prior to 2.2.5

Description The issue allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. This is a result of a cross-site scripting vulnerability.

Recommendations For versions prior to 2.2.5, update to version 2.2.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the formkey field to minimize the risk of exploitation.