CVE-2007-1331

Name of the Vulnerable Software and Affected Versions TKS Banking Solutions ePortfolio version 1.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, bypassing the client-side protection scheme. One potential vector may be related to the q parameter in the search program.

Recommendations For TKS Banking Solutions ePortfolio version 1.0, consider restricting access to the search program until a fix is available. Avoid using the q parameter in the search program to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.