CVE-2006-4718

Name of the Vulnerable Software and Affected Versions KorviBlog version 1.3.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the prenom, emailFrom, or body parameters.

Recommendations For KorviBlog version 1.3.0, as a temporary workaround, consider restricting the use of the prenom, emailFrom, and body parameters until a patch is available. Avoid using these parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.