Family Connections 'getChat.php' XPath Injection Vulnerability

Family Connections is prone to an XPath-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in a XPath (XML Path Language) query.

Exploiting this issue could allow an attacker to access or modify data of an XML document.

Family Connections 2.3.2 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus