SafeNet Sentinel HASP and 7T IGSS Unspecified HTML Injection Vulnerability

SafeNet Sentinel HASP and 7T IGSS Unspecified HTML Injection Vulnerability

SafeNet Sentinel HASP and 7T IGSS are prone to an HTML-injection vulnerability because they fail to properly sanitize user-supplied input.

Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible.

The following applications are vulnerable:

Sentinel HASP SDK prior to 5.11
Sentinel HASP Run-time prior to 6.x
7 Technologies (7T) IGSS 7