CVE-2005-3436

Name of the Vulnerable Software and Affected Versions Nuked-Klan version 1.7

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via certain modules and fields, including the Search module, edit fields in Guestbook, the title in the Forum module, and Textbox. This could potentially lead to unauthorized actions on the affected web application.

Recommendations For Nuked-Klan version 1.7, consider disabling the Search module, restricting access to edit fields in Guestbook, limiting input in the title field of the Forum module, and avoiding the use of the Textbox until a fix is available. As a temporary workaround, restrict user input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.