|
|
WiredRed E/POP Web Conferencing HTML Injection Vulnerability
WiredRed e/pop Web Conferencing is prone to an HTML-injection vulnerability. Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. e/pop Web Conferencing 4.1.0.755 is reportedly vulnerable. Other versions may be affected as well. |
|
Privacy Statement |