CVE-2008-3342

Name of the Vulnerable Software and Affected Versions MyioSoft EasyPublish version 3.0tr

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the read parameter in an edp News action. This could potentially lead to unauthorized access or control of user sessions.

Recommendations For MyioSoft EasyPublish version 3.0tr, consider restricting access to the edp News action or validating and sanitizing the read parameter to prevent injection of malicious scripts. As a temporary workaround, avoid using the read parameter in the affected API endpoint until the issue is resolved.