CVE-2004-2656

Name of the Vulnerable Software and Affected Versions Slashcode versions prior to R 2 5 0 41

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities can be exploited via the topic parameter in the "search.pl" endpoint and the filter parameter in the "submit.pl" endpoint.

Recommendations For versions prior to R 2 5 0 41, update to version R 2 5 0 41 or later to resolve the issue. As a temporary workaround, consider restricting access to the search.pl and submit.pl endpoints to minimize the risk of exploitation. Avoid using the topic and filter parameters in these endpoints until the issue is resolved.