9 lines
No EOL
551 B
Text
9 lines
No EOL
551 B
Text
source: https://www.securityfocus.com/bid/9375/info
|
|
|
|
SnapStream PVS Lite is prone to a cross-site scripting vulnerability.
|
|
|
|
An attacker could exploit this issue by enticing a victim user to follow a malicious link to a system hosting the software that contains embedded HTML and script code. The embedded code may be rendered in the web browser of the victim user.
|
|
|
|
This could be exploited to steal cookie-based authentication credentials from legitimate users. Other attacks are also possible.
|
|
|
|
http://www.example.com/?"><script>alert('XSS')</script> |