CVE-2004-1420

Name of the Vulnerable Software and Affected Versions: WHM AutoPilot versions 2.4.6.5 and earlier

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the site title or http images parameter.

Recommendations: For versions 2.4.6.5 and earlier, update to a version later than 2.4.6.5 to resolve the issue. As a temporary workaround, consider restricting access to the header.php file or validating and sanitizing user input for the site title and http images parameters to prevent malicious script injection.