VLBook Message HTML Injection Vulnerability

VlBook is prone to a HTML-injection vulnerability because it fails to properly sanitize HTML and script code from user-supplied input.

An attacker could exploit this vulnerability to inject hostile HTML and script code into the browser session of other users of the application.


Privacy Statement
Copyright 2010, SecurityFocus