CVE-2010-4932

Name of the Vulnerable Software and Affected Versions Entrans versions prior to 0.3.3

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the query parameter in the "search.php" endpoint.

Recommendations For versions prior to 0.3.3, update to version 0.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "search.php" endpoint or sanitizing the query parameter to prevent malicious input.