CVE-2004-0067

Name of the Vulnerable Software and Affected Versions phpGedView versions prior to 2.65 phpGedView version 4.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary HTML or web script via various API endpoints, including "descendancy.php", "index.php", "individual.php", "login.php", "relationship.php", "source.php", "imageview.php", "calendar.php", "gedrecord.php", and "gdbi interface.php".

Recommendations For phpGedView versions prior to 2.65, update to version 2.65 or later to resolve the issue. For phpGedView version 4.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.