CVE-2005-4398

Name of the Vulnerable Software and Affected Versions lemoon versions 2.0 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. The vendor has disputed this issue, stating that the problem exists in a custom-made site built on lemoon, specifically in a UserControl that handles form input, and is not related to the lemoon core product.

Recommendations For lemoon versions 2.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.