CVE-2015-0298

Name of the Vulnerable Software and Affected Versions mod cluster versions prior to 1.3.2.Alpha1

Description A cross-site scripting (XSS) issue exists in the manager web interface, allowing remote attackers to inject arbitrary web script or HTML via a crafted MCMP message. This could potentially lead to unauthorized access or control of the affected system.

Recommendations For versions prior to 1.3.2.Alpha1, update to version 1.3.2.Alpha1 or later to resolve the issue. As a temporary workaround, consider restricting access to the manager web interface to minimize the risk of exploitation.