CVE-2009-1732

Name of the Vulnerable Software and Affected Versions IPplan versions 4.91a

Description The issue concerns multiple vulnerabilities in the IPplan package of the Debian GNU/Linux operating system, which can lead to a breach of protected information integrity. These vulnerabilities can be exploited remotely. Specifically, a cross-site scripting (XSS) vulnerability exists in the admin/usermanager component of IPplan, allowing remote attackers to inject arbitrary web scripts or HTML via the grp parameter.

Recommendations For IPplan version 4.91a, consider restricting access to the admin/usermanager component until a patch is available. As a temporary workaround, avoid using the grp parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.