CVE-2015-1054

Name of the Vulnerable Software and Affected Versions Crea8Social version 2.0

Description A cross-site scripting (XSS) issue exists in the Games feature, allowing remote authenticated users to inject arbitrary web script or HTML via the Game Content field in the Add Game section. This could potentially lead to unauthorized actions on the affected system.

Recommendations For Crea8Social version 2.0, as a temporary workaround, consider restricting access to the Add Game feature until a patch is available, and avoid using the Game Content field to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.