UseResponse Backdoor Unauthorized Access and HTML Injection Vulnerabilities

UseResponse Backdoor Unauthorized Access and HTML Injection Vulnerabilities

UseResponse is prone to an unauthorized-access vulnerability and an HTML-injection vulnerability.

An attacker may leverage these issues to inject hostile HTML and script code that would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, or to gain unauthorized access to the affected application through backdoor. This may aid in further attacks.

UseResponse 1.0.2 is vulnerable; other versions may also be affected.