CVE-2007-1390

Name of the Vulnerable Software and Affected Versions dynaliens versions 2.0 through 2.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The attack vectors include unspecified parameters to API endpoints such as "recherche.php3" or "ajouter.php3".

Recommendations For dynaliens versions 2.0 through 2.1, as a temporary workaround, consider restricting access to the "recherche.php3" and "ajouter.php3" endpoints until a patch is available. Avoid using unspecified parameters in these endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.