CVE-2006-1806

Name of the Vulnerable Software and Affected Versions Musicbox versions 2.3.3 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the term parameter in a search action. This occurs because the term parameter is not properly sanitized, enabling attackers to execute malicious scripts.

Recommendations For Musicbox versions 2.3.3 and earlier, update to a version later than 2.3.3 to resolve the issue. As a temporary workaround, consider restricting access to the search action or sanitizing the term parameter to prevent malicious input.