CVE-2010-0963

Name of the Vulnerable Software and Affected Versions dl Download Ticket Service versions prior to 0.7

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the t parameter in index.php, related to an invalid ticket ID.

Recommendations For versions prior to 0.7, update to version 0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the index.php file or validating the t parameter to prevent injection of malicious scripts.