CVE-2006-3033

Name of the Vulnerable Software and Affected Versions MyScrapbook version 3.1

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the input box in "singlepage.php" when submitting scrapbook pages. This occurs because the application does not properly validate user input.

Recommendations For MyScrapbook version 3.1, as a temporary workaround, consider disabling the input box in "singlepage.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.