7 lines
No EOL
577 B
Text
7 lines
No EOL
577 B
Text
source: https://www.securityfocus.com/bid/9995/info
|
|
|
|
It has been reported that Fresh Guest Book is prone to a remote HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied form input.
|
|
|
|
An attacker may exploit the aforementioned vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible.
|
|
|
|
<script>alert('xss');</script> |