CVE-2007-4587

Name of the Vulnerable Software and Affected Versions escafeWeb versions 1.0 through 1.0.4

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This might be related to the setting of option.nopage.create in tuigwaa.properties.

Recommendations For escafeWeb versions 1.0 through 1.0.4, consider restricting access to sensitive areas of the application until a fix is available, and review the configuration of tuigwaa.properties to ensure that settings like option.nopage.create do not introduce security risks. At the moment, there is no information about a newer version that contains a fix for this issue.