CVE-2007-5647

Name of the Vulnerable Software and Affected Versions SocketKB version 1.1.5

Description The issue allows remote attackers to inject arbitrary web script or HTML via the art id or node parameter in an article action to the default URI. This can lead to cross-site scripting (XSS) attacks.

Recommendations For SocketKB version 1.1.5, as a temporary workaround, consider restricting access to the article action or validating and sanitizing the art id and node parameters to prevent arbitrary script injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.