7 lines
No EOL
537 B
Text
7 lines
No EOL
537 B
Text
source: https://www.securityfocus.com/bid/13127/info
|
|
|
|
XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content.
|
|
|
|
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, which may help the attacker steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
http://www.example.com/xampp/phonebook.php?lastname=Cru3l.b0y&firstname=&phone= |