XAMPP Phonebook.PHP Remote HTML Injection Vulnerability

info
discussion
exploit
solution
references

XAMPP Phonebook.PHP Remote HTML Injection Vulnerability

A remote HTML-injection vulnerability affects XAMPP because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user, which may help the attacker steal cookie-based authentication credentials and launch other attacks.