CVE-2002-1853

Name of the Vulnerable Software and Affected Versions MyNewsGroups versions 0.4 through 0.4.1

Description The issue allows remote attackers to inject arbitrary web script or HTML via the subject of a newsgroup post. This is due to improper handling by several scripts, including "myarticles.php", "search.php", "stats.php", and "standard.lib.php".

Recommendations For MyNewsGroups versions 0.4 through 0.4.1, consider disabling the subject field in newsgroup posts until a patch is available to prevent arbitrary web script or HTML injection. Restrict access to the affected scripts, such as "myarticles.php", "search.php", "stats.php", and "standard.lib.php", to minimize the risk of exploitation.