CVE-2008-1487

Name of the Vulnerable Software and Affected Versions LinPHA versions prior to 1.3.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected API endpoints include "ftp/index.php", "viewer.php", "functions/other.php", "include/left menu.class.php", and "plugins/stats/stats view.php".

Recommendations For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected endpoints until a patch is applied. Avoid using the vulnerable endpoints in the meantime to minimize the risk of exploitation.