PT-2022-7786 · Unknown · Yuna Scatari Tbdev

Published: 2022-12-31 · Updated: 2024-05-17 · CVE-2014-125027

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Yuna Scatari TBDev versions up to 2.1.17

Description

A vulnerability has been found in Yuna Scatari TBDev, classified as problematic. The issue affects the function get user icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross-site scripting. The attack can be launched remotely.

Recommendations

Upgrading to version 2.1.18 addresses this issue. It is recommended to upgrade the affected component. As a temporary workaround, consider disabling the get user icons function until a patch is available. Restrict access to the usersearch.php file to minimize the risk of exploitation. Avoid using the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 in the affected component until the issue is resolved.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2014-125027

Affected Products

Yuna Scatari Tbdev