CVE-2007-1625

Name of the Vulnerable Software and Affected Versions realGuestbook version 5.01

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the homepage parameter in save entry.php, which is reachable through add entry.php.

Recommendations For realGuestbook version 5.01, consider restricting access to the save entry.php file or validating and sanitizing the homepage parameter to prevent injection of malicious scripts. As a temporary workaround, avoid using the homepage parameter in the affected API endpoint until the issue is resolved.