CVE-2007-0529

Name of the Vulnerable Software and Affected Versions phpLD versions 3.0.6 and earlier

Description A cross-site scripting (XSS) issue exists in the administration page, specifically in index.html, allowing remote attackers to inject arbitrary web script or HTML via a crafted link. This issue is triggered when the administrator uses the "Validate Links" functionality.

Recommendations For phpLD versions 3.0.6 and earlier, update to a version later than 3.0.6 to resolve the issue. As a temporary workaround, consider restricting access to the "Validate Links" functionality until a patch is available. Avoid using the "Validate Links" feature with untrusted links to minimize the risk of exploitation.