CVE-2006-0124

Name of the Vulnerable Software and Affected Versions: ADN Forum version 1.0b

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field. This parameter is part of the crear.php file.

Recommendations: For ADN Forum version 1.0b, as a temporary workaround, consider restricting access to the crear.php file or sanitizing input for the titulo parameter to prevent XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.