CVE-2011-4616

Name of the Vulnerable Software and Affected Versions HTML-Template-Pro versions prior to 0.9507

Description The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via template parameters. This is due to improper handling of > (greater than) and < (less than) characters.

Recommendations For versions prior to 0.9507, update to version 0.9507 or later to resolve the issue. As a temporary workaround, consider restricting the use of template parameters to minimize the risk of exploitation.