CVE-2009-4989

Name of the Vulnerable Software and Affected Versions AJ Auction Pro OOPD version 3.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action.

Recommendations For AJ Auction Pro OOPD version 3.0, avoid using the txtkeyword parameter in the search action until the issue is resolved. As a temporary workaround, consider restricting access to the search functionality to minimize the risk of exploitation.