CVE-2008-6946

Name of the Vulnerable Software and Affected Versions: Collabtive version 0.4.8

Description: A cross-site scripting (XSS) issue exists due to improper handling of user input in the project Name field when an administrator performs an editform action. This allows attackers to inject arbitrary web script or HTML.

Recommendations: For Collabtive version 0.4.8, consider restricting access to the manageproject.php file until a proper fix is applied, and ensure that all user input is properly sanitized to prevent XSS attacks. As a temporary workaround, avoid using the project Name field in manageproject.php for any sensitive operations.