Description
Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Product(s):
- Yappa-NG 0.9
- Yappa-NG 1.0
- Yappa-NG 1.1
- Yappa-NG 1.2
- Yappa-NG 1.3
- Yappa-NG 1.4
- Yappa-NG 1.5
- Yappa-NG 1.6
- Yappa-NG 2.0.0
- Yappa-NG 2.0.1
- Yappa-NG 2.1.0
- Yappa-NG 2.2.0
- Yappa-NG 2.2.1
- Yappa-NG 2.2.2
- Yappa-NG 2.3.0
- Yappa-NG 2.3.1
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-1311, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-1311 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.