CVE-2006-7187

Name of the Vulnerable Software and Affected Versions WebAPP versions prior to 20060909

Description A cross-site scripting (XSS) issue exists in the show recent searches function, allowing remote attackers to inject arbitrary web script or HTML via the srch variable. This can be exploited through the /cgi-lib/user-lib/search.pl endpoint.

Recommendations For versions prior to 20060909, update to a version released after 20060909 to resolve the issue. As a temporary workaround, consider restricting access to the show recent searches function in search.pl to minimize the risk of exploitation. Avoid using the srch variable in the affected endpoint until the issue is resolved.