CVE-2005-1053

Name of the Vulnerable Software and Affected Versions ModernBill versions 4.3.0 and earlier

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerable parameters are c code and aid.

Recommendations For ModernBill versions 4.3.0 and earlier, update to a version later than 4.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the orderwiz.php file until a patch is available. Avoid using the parameters c code and aid in the affected API endpoint until the issue is resolved.