CVE-2008-3397

Name of the Vulnerable Software and Affected Versions Runesoft Cerberus CMS versions prior to 3 1.4 0.9

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a cerberus user cookie. This enables attackers to execute malicious scripts on the victim's browser.

Recommendations For versions prior to 3 1.4 0.9, update to version 3 1.4 0.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the cerberus user cookie to minimize the risk of exploitation.