|
refbase 'headerMsg' Parameter Cross Site Scripting Vulnerabilities
The 'refbase' program is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials. Versions prior to refbase 0.9.5 are vulnerable. |
|
|
Privacy Statement |
