CVE-2006-2305

Name of the Vulnerable Software and Affected Versions Jadu CMS (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via several parameters to the "site/scripts/register.php" endpoint. The vulnerable parameters include forename, surname, reg email, email conf, company, city, postcode, and telephone.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.