Usermin HTML Email Script Code Execution Vulnerability

Usermin HTML Email Script Code Execution Vulnerability

Usermin is reportedly affected by a script code execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages.

This issue will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user; facilitating theft of cookie based authentication credentials. This could potentially allow unauthorized access to user accounts on the computer.