CVE-2003-1136

Name of the Vulnerable Software and Affected Versions Chi Kien Uong Guestbook version 1.51

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via HTML in a posted message or Javascript in an onmouseover attribute in an e-mail address or URL.

Recommendations For version 1.51, update to a newer version that contains a fix for this issue, or as a temporary workaround, consider disabling the ability to post HTML messages and restricting the use of Javascript in user-inputted fields until a patch is available.