CVE-2007-5478

Name of the Vulnerable Software and Affected Versions: Nabh Stringbeans Portal (sbportal) version 3.2

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the project name parameter. This enables attackers to execute malicious scripts on the client-side, potentially leading to unauthorized actions or data theft.

Recommendations: For version 3.2, avoid using the project name parameter in affected API endpoints until the issue is resolved. As a temporary workaround, consider validating and sanitizing all user-input data to prevent malicious script injections.