CVE-2003-1278

Name of the Vulnerable Software and Affected Versions OpenTopic version 2.3.1

Description A cross-site scripting issue allows remote attackers to execute arbitrary scripts as other users, potentially stealing authentication information via cookies. This is achieved by injecting arbitrary HTML or script into IMG tags.

Recommendations For OpenTopic version 2.3.1, update to a version that fixes this issue to prevent remote attackers from executing arbitrary scripts. As a temporary workaround, consider restricting the ability to inject HTML or script into IMG tags until a patch is available.