CVE-2009-4586

Name of the Vulnerable Software and Affected Versions Wowd client versions prior to 1.3.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the sortby, tags, or ctx parameters in a search action.

Recommendations For versions prior to 1.3.1, update to version 1.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the search action or validating and sanitizing user input for the sortby, tags, and ctx parameters to minimize the risk of exploitation.