PhotoPost Script Injection Vulnerability

PhotoPost Script Injection Vulnerability

PhotoPost is prone to a script injection vulnerability. This is due to a lack of proper sanitization of user-supplied input.

A malicious user may cause arbitrary script code to be executed in the Web browser context of an unsuspecting victim. This may lead to the theft of cookie-based authentication credentials in the context of the victim's browser application.

Further attacks are also possible.