CVE-2006-2684

Name of the Vulnerable Software and Affected Versions CMS Mundo version 1.0

Description A cross-site scripting (XSS) issue exists in the search module, allowing remote attackers to inject arbitrary web script or HTML via the searchstring parameter. This enables attackers to potentially execute malicious scripts on the victim's browser.

Recommendations For CMS Mundo version 1.0, as a temporary workaround, consider restricting access to the search module until a patch is available. Avoid using the searchstring parameter in the affected search functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.