VULHUB ™

Site Studio guestbook does not filter HTML code from user-supplied input. A remote user can create a specially crafted entry that, when the page rendered, will cause arbitrary scripting to be executed by the user's browser.

Site Studio guestbook does not filter HTML code from user-supplied input. A remote user can create a specially crafted entry that, when the page rendered, will cause arbitrary scripting to be executed by the user's browser.