CVE-2005-0628

Name of the Vulnerable Software and Affected Versions Forumwa version 1.0

Description The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the keyword parameter in "search.php" or through the body or subject of a forum message.

Recommendations For Forumwa version 1.0, avoid using the vulnerable parameters keyword, body, and subject in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to "search.php" and forum message posting until a patch is available.