CVE-2007-1291

Name of the Vulnerable Software and Affected Versions TygerBT version 1.1.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via the PATH INFO to specific API endpoints: "Login.php" and "Register.php".

Recommendations For TygerBT version 1.1.3, consider disabling access to the "Login.php" and "Register.php" endpoints until a patch is available. Restrict input to these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.